Presented at
DEF CON 20 (2012),
July 28, 2012, 1 p.m.
(50 minutes).
Did you ever wonder if the Feds were telling you're the truth when you asked a question? Join current and former federal agents from numerous agencies to discuss cyber policy and answer your burning questions. Enjoy the opportunity to grill ‘em and get down to the bottom of things!
Agencies that will have representatives include: Defense Cyber Crime Center (DC3), Department of Homeland Security (DHS), United States Computer Emergency Readiness Team (US CERT), Office of the Secretary of Defense Networks and Information Integration (OSD/NII), National Security Agency (NSA), National Defense University (NDU), and Virginia Tech.
Each of the agency reps will make an opening statement regarding their agencies role, and then open it up to the audience for questions.
Presenters:
-
Rich Marshall
- NSA
Rich Marshall is the Founder and President of X-SES Consultants, LLC, the former Vice President of Cyber Programs at Triton FSI and is a nationally and internationally recognized thought leader on cyber related issues. He provides an impressive professional network and is known for facilitating the establishment of programs and contracts. He has extensive leadership experience in formulating growth strategies, integrating policy, culture and training with technology issues, building relationships and delivering lasting results. He is also a strategic thinker who knows how to lead and very importantly, knows where to lead. He previously was a member of the Senior Cryptologic Executive Service (SCES) and the Defense Intelligence Senior Executive Service (DISES). Prior to joining Triton FSI, he was the Director of Global Cyber Security Management, National Cyber Security Division, Department of Homeland Security (DHS) by special arrangement between the Director, National Security Agency (DIRNSA) and the Secretary of DHS. Within DHS he directed National Cyber Security Education Strategy; and the Software Assurance; Research and Standards Integration; and Supply Chain Risk Management programs.
Mr. Marshall was previously the Senior Information Assurance (IA) Representative, Office of Legislative Affairs at the National Security Agency (NSA) where he served as the Agency's point of contact for all NSA Information Security (INFOSEC) matters concerning Congress. He devised the IA legislative strategy, helped shape the passage of the revised Foreign Intelligence Surveillance Act and was the Comprehensive National Cyber Security Initiative (CNCI).
In 2001, Mr. Marshall was selected by the Cyber Advisor to the President to serve as the Principal Deputy Director, Critical Infrastructure Assurance Office (CIAO), where he led a team of 40 dedicated professionals in developing, coordinating and implementing the Administration's National Security for Critical Infrastructure Protection initiative and the National Cyber Security Strategy to address potential threats to the nation's critical infrastructures.
From 1994 to 2001, Mr. Marshall served with distinction as the Associate General Counsel for Information Systems Security/Information Assurance, Office of the General Counsel, National Security Agency. In that capacity, Mr. Marshall provided advice and counsel on national security telecommunications and technology transfer policies and programs, national security telecommunications technical security programs, the National Information Assurance Partnership, the Common Criteria Mutual Recognition Arrangement, legislative initiatives and international law. Mr. Marshall was the legal architect for the Joint Chiefs of Staff directed exercise "Eligible Receiver 97" that spotlighted many of the cyber-vulnerabilities of our nation's critical infrastructures and helped bring focus on this issue at the national leadership level.
Mr. Marshall graduated from The Citadel with a B.A. in Political Science; Creighton University School of Law with a J.D. in Jurisprudence; Georgetown School of Law with an LL.M. in International and Comparative Law; was a Fellow at the National Security Law Institute, University of Virginia School of Law in National Security Law; attended the Harvard School of Law Summer Program for Lawyers; the Georgetown University Government Affairs Institute on Advanced Legislative Strategies and participated in the Information Society Project at Yale Law School and in the Privacy, Security and Technology in the 21st Century program at Georgetown University School of Law.
-
Rod Beckstrom
- Ex-DHS
Rod Beckstrom is a highly successful entrepreneur, founder and CEO of a publicly-traded company, a best-selling author, avowed environmentalist, public diplomacy leader and, most recently, the head of a top-level federal government agency entrusted with protecting the nation's communication networks against cyber attack.
Throughout 2008, Rod served as the Director of the National Cybersecurity Center (NCSC) at the U.S. Department of Homeland Security, where he reported to the Secretary of DHS, and was charged with cooperating directly with the Attorney General, National Security Council, Secretary of Defense, and the Director of National Intelligence (DNI). Prior to joining DHS, he served on the DNI's Senior Advisory Group. Rod is unique in having experienced the inner workings of two, highly-charged, often competing, federal security agencies created in the wake of the September 11th attacks, an event that he says, "changed my life."
Rod is widely regarded as a pre-eminent thinker and speaker on issues of cybersecurity and related global issues, as well as on organizational strategy and leadership. He is also an expert on how carbon markets and "green" issues affect business. While Director of the NCSC, Rod developed an effective working group of leaders from the nation's top six cybersecurity centers across the civilian, military and intelligence communities. His work led to his development of a new economic theory that provides an explicit model for valuing any network, answering a decades-old problem in economics.
Rod co-authored four books including The Starfish and the Spider: The Unstoppable Power of Leaderless Organizations, a best-selling model for analyzing organizations, leadership styles, and competitive strategy. The Starfish and the Spider has been translated into 16 foreign editions and is broadly quoted.
At age 24, Rod started his first company in a garage apartment and, subsequently, grew it into a global enterprise with offices in New York, London, Tokyo, Geneva, Sydney, Palo Alto, Los Angeles, and Hong Kong. CATS Software Inc., went public and later sold. Nobel Laureates Myron Scholes and William F. Sharpe served on the company's boards of directors and advisors. While at CATS Rod helped advance the financial theory of "value at risk," now used globally for all key banking risk management. Rod co- edited the first book to introduce "value at risk." Rod also co-founded Mergent Systems, a pioneer in inferential database engines, which Commerce One later acquired for $200 million. He has co-launched other collaborations, software, and internet service businesses, as well. From 1999 to 2001, he served as Chairman of Privada, Inc, a leader in technology enabling private, anonymous, and secure credit card transactions over the internet.
In 2003, Rod co-founded a global peace network of CEO's which initiated Track II diplomatic efforts between India and Pakistan. The group's symbolic actions opened the borders to people and trade, and contributed to ending the most recent Indo-Pak conflict. It's one of several non-profit groups and initiatives Rod has started. He now serves on the boards of the Environmental Defense Fund, which Fortune Magazine ranked as one of the seven most powerful boards in the world and Jamii Bora Trust an innovative micro-lending group in Africa with more than 200,000 members.
He is a graduate of Stanford University with an MBA and a BA with Honors and Distinction. He served as Chairman of the Council of Presidents of the combined Stanford student body (ASSU) and was a Fulbright Scholar at the University of St. Gallen in Switzerland.
-
Jerry Dixon
- Ex-DHS
Jerry Dixon currently serves as Director of Analysis for Team Cymru and was the former Director of the National Cyber Security Division (NCSD) & US-CERT, of the Department of Homeland Security. He continues to advise partners on national cyber-security threats, aides organizations in preparing for cyber-attacks, and assists with the development of cyber-security policies for organizations.
-
Riley Repko
- VT
Riley Repko remains committed to building the ‘knowledge-bridge' between the innovator (the solver) with the requirement (the seeker). He has a long history of working with innovative small and medium sized companies and entrepreneurs leveraging his know-how to drive business. A constant and responsive connector, he is most comfortable strategizing with key industry decision-makers at the highest levels of government, between leading-edge cyber solution providers, venture capitalists, the white-hat 'wizards' and the R&D community. Today, Riley serves as both a cyber-secuirty consultant and a Senior Research Fellow in Cyber Security for Virginia Tech, and as an affiliated faculty member with the Ted and Karyn Hume Center for National Security and Technology. Prior to joining Virginia Tech, Mr Repko served as the senior advisor for cyber operations for both the United States Air Force and to the Office of the Undersecretary for Cyber Policy within the Department of Defense.
-
Dr. Linton Wells II
- NDU
as Dr. Linton Wells
Dr. Linton Wells II is the Director of the Center for Technology and National Security Policy (CTNSP) at National Defense University (NDU). He is also a Distinguished Research Professor and serves as the Transformation Chair. Prior to coming to NDU he served in the Office of the Secretary of Defense (OSD) from 1991 to 2007, serving last as the Principal Deputy Assistant Secretary of Defense (Networks and Information Integration). In addition, he served as the Acting Assistant Secretary and DoD Chief Information Officer for nearly two years. His other OSD positions included Principal Deputy Assistant Secretary of Defense (Command, Control, Communications and Intelligence-C3I) and Deputy Under Secretary of Defense (Policy Support) in the Office of the Under Secretary of Defense (Policy).
In twenty-six years of naval service, Dr. Wells served in a variety of surface ships, including command of a destroyer squadron and guided missile destroyer. In addition, he acquired a wide range of experience in operations analysis; Pacific, Indian Ocean and Middle East affairs; and C3I. Recently he has been focusing on STAR-TIDES, a research project focusing on affordable, sustainable support to stressed populations and public-private interoperability.
Dr. Wells was born in Luanda, Angola, in 1946. He was graduated from the United States Naval Academy in 1967 and holds a Bachelor of Science degree in physics and oceanography. He attended graduate school at The Johns Hopkins University, receiving a Master of Science in Engineering degree in mathematical sciences and a PhD in international relations. He is also a 1983 graduate of the Japanese National Institute for Defense Studies in Tokyo, the first U.S. naval officer to attend there.
Dr. Wells has written widely on security studies in English and Japanese journals. He co-authored Japanese Cruisers of the Pacific War, which was published in 1997 and co- edited Crosscutting Issues in International Transformation, published in 2009. His hobbies include history, the relationship between policy and technology, and scuba diving. He has thrice been awarded the Department of Defense Medal for Distinguished Public Service.
-
Mark Weatherford
- DHS
Mark Weatherford is the Deputy Under Secretary for Cybersecurity for the National Protection and Programs Directorate (NPPD), a position that will allow DHS NPPD to create a safe, secure, and resilient cyberspace. Weatherford has a wealth of experience in information technology and cybersecurity at the Federal, State and private sector levels.
Weatherford was previously the Vice President and Chief Security Officer of the North American Electric Reliability Corporation (NERC) where he directed the cybersecurity and critical infrastructure protection program. Before NERC, Weatherford was with the State of California where he was appointed by Governor Arnold Schwarzenegger as the state's first Chief Information Security Officer. Prior to California, he served as the first Chief Information Security Officer for the State of Colorado, where he was appointed by two successive governors. Previously, as a member of the Raytheon Company, he successfully built and directed the Navy/Marine Corps Intranet Security Operations Center (SOC) in San Diego, California, and also was part of a team conducting security certification and accreditation with the U.S. Missile Defense Agency. A former U.S. Navy Cryptologic Officer, Weatherford led the U.S. Navy's Computer Network Defense operations and the Naval Computer Incident Response Team (NAVCIRT).
Weatherford earned a bachelor's degree from the University of Arizona and a master's degree from the Naval Postgraduate School. He also holds the Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM) certifications. He was awarded SC Magazine's prestigious "CSO of the Year" award for 2010 and named one of the 10 Most Influential People in Government Information Security for 2012 by GovInfo Security.
-
Marcus Sachs
- Ex-WHS
Marcus Sachs is a retired Army officer and was also a presidential appointee to the White House Office of Cyberspace Security in 2002-2003. While at the White House he authored parts of the National Strategy to Secure Cyberspace, and proposed the creation of what ultimately became the US-CERT at DHS.
During his Army career he was well known for tinkering with things technical and often found ways to circumvent traditional controls and constraints to achieve mission success. An avid ham radio operator, he was the custodian of two different MARS stations and helped with the engineering of large X.25 packet switching networks in the 1980s long before Netscape and the Internet came along. In 1994 he became known as the Voodoo Switchdoctor thanks to his expertise in building and running secure data networks in Haiti that supported military operations there. In 1998 he was selected by the SECDEF to be an initial member of the DoD's Joint Task Force for Computer Network Operations, where he served until he retired at the end of 2001. At the JTF he spent time chasing malicious actors at all levels, from script-kiddie hackers to terrorists to nation states that were attempting to do harm to DoD networks. After leaving government in 2003 he volunteered as the director of the SANS Internet Storm Center for seven years and became well known at Defcon for sporting his motorcycle leather in the Las Vegas heat.
Currently at Verizon, Marcus now serves on several public-private working groups in the Washington D.C. area and is a frequent speaker at both technical as well as policy centric events and workshops. He holds degrees in Civil Engineering, Computer Science, and Science and Technology Commercialization, and is currently pursuing a Ph.D. in Public Policy. He authored and teaches a three-day course in Critical Infrastructure Protection at the SANS Institute and is a licensed Professional Engineer in the Commonwealth of Virginia.
-
Robert E. Joyce
- NSA
Mr. Rob Joyce is the Deputy Director of the Information Assurance Directorate (IAD) at the National Security Agency. His organization is the NSA mission element charged with providing products and services critical to protecting our Nation's systems that carry classified communications, military command and control or intelligence information. IAD provides technical expertise on cyber technologies, cryptography, security architectures and other issues related to information assurance, as well as supplying deep understanding of the vulnerability and threats to national security systems.
Mr. Joyce has spent more than 23 years at NSA, beginning his career as an engineer. He holds a Bachelors Degree in Electrical and Computer Engineering from Clarkson University a Masters Degree in Electrical Engineering from Johns Hopkins. Throughout his career with NSA, he has been the recipient of two Presidential Rank Awards, one meritorious and one at the distinguished level.
-
Mischel Kwon
- EX-USCERT
as Mishel Kwon
Mischel Kwon is an IT executive with more than 29 years of experience ranging from application design and development, network architecture and deployment, Information Assurance policy, audit and management, technical defensive security, large wireless system security, to building organizational and national level Computer Emergency/Incident Response/Readiness Teams.
Ms. Kwon currently serves as the President of Mischel Kwon Associates, a security consulting firm specializing in Technical Defensive Security, Security Operations and Information Assurance.
Most recently, as the Vice President of Public Sector Security for RSA Security, Ms. Kwon was responsible for leading RSA in assisting the public sector security solutions, strategies, technologies and policy.
Ms. Kwon was named the Director for the United States Computer Emergency Readiness Team (US-CERT) in June 2008 where she spearheaded the organization responsible for analyzing and reducing cyber threats and vulnerabilities in federal networks, disseminating cyber threat warning information and coordinating national incident response activities.
Kwon brings a unique blend of hands on experience, academic research and training, and a seasoned understanding of how to build operational organizations from inception. Among her successes at the United States Department of Justice (DOJ), where she was Deputy Director for IT Security Staff; she built and deployed the Justice Security Operations Center (JSOC) to monitor and defend the DOJ network against cyber threats.
Ms. Kwon holds a Master of Science in Computer Science and a graduate certificate in Computer Security and Information Assurance. In addition, she serves as an adjunct professor at George Washington University in Washington, DC, where Ms. Kwon also runs the GW Cyber Defense Lab.
-
Jim Christy
- Moderator, DC3
Jim Christy is a retired special agent that has specialized in cyber crime investigations and digital forensics for over 26 years with the Air Force Office of Special Investigation and over 40 years of federal service. Jim returned to the federal government first as an IPA and now as an HQE and is the Director of Futures Exploration (FX) for the Department of Defense Cyber Crime Center (DC3). FX the DC3 innovation incubator is responsible for outreach/marketing, and strategic relationships with other government organizations, private sector, and academia for DC3. He was profiled in Wired Magazine in January 2007.
Jim consulted with David Marconi (writer of Enemy of the State, Mission Impossible 2 & Live Free or Die Hard) and contributed technical advice on critical infrastructure attacks used in the movie Live Free or Die Hard.
In May 2011, the Air Force graduated the first NCO's for a new AF career field, Cyber Defense Operations at Keesler AFB, MS. The staff of the course honored Jim by presenting the top graduate of the class with the "Jim Christy Award". In 2006, Christy created the DC3 Digital Forensics Challenge an international competition that in 2011 had 1,800 participants spanning all 50 states and 53 countries. The exercises are designed to develop, hone, and engage participants in the fields of cyber investigation, digital forensics, and cyber security. It is one of the first venues to employ crowd sourcing in "real world" mission focused solution development.
In Oct 2003, the Association of Information Technology Professionals awarded Jim the 2003 Distinguished Information Science Award winner for his outstanding contribution through distinguished services in the field of information management. Previous recipients of this prestigious award include Admiral Grace Hopper, Gene Amdahl, H. Ross Perot, General Emmett Paige, Bill Gates, Lawrence Ellison, David Packard and Mitch Kapor.
From 17 Sep 01 - 1 Nov 03, Jim was the Deputy Director/Director of Operations, Defense Computer Forensics Lab, DC3. As the Dir of Ops for the DCFL he managed four sections with over 40 computer forensic examiners that supported Major Crimes & Safety, Counterintelligence and Counterterrorism, as well as Intrusions and Information Assurance cases for the Department of Defense.
Links:
Similar Presentations: