UMD Cybersecurity Executive Summit Agenda

April 3rd-5th 2019
The Hotel
7777 Baltimore Ave, College Park

Wednesday – April 3rd

Welcome Cocktail Reception
Hotel Rooftop Penthouse
Time: 6:00 pm – 8:00 pm
Opening Remarks: Dan Ennis
Executive Director, Maryland Global Initiative in Cybersecurity (MaGIC), Former Director of NTOC at NSA

Talk: Addressing the Cyber Challenge, a Government View
Featured Speaker: Steve Verber
Deputy Executive Director, Office of the Deputy Chief Information Officer; and Operations Office of the Chief Information Officer, U.S. Department of Health and Human Services

Thursday – April 4th

Coffee Reception and Registration
2nd Floor Lobby
Time: 8:00 am – 9:00 am

Welcoming Remarks
Plenary Room
Time: 9:00 am – 9:15 am
Speaker: Wallace Loh
President, University of Maryland

Talk: How to think About Cybersecurity
Plenary Room
Time: 9:15 am – 9:45 am
Speaker: Keith Marzullo
Dean, Information Studies School, University of Maryland
Description: Cybersecurity has been an ever-evolving challenge, that demands an adaptive approach. This talk sets the tone for the conference by briefly touching upon the various topics that will be discussed over the two days and their relationship with each other. It also broadly covers the current threats relevant to different kind of organizations including critical infrastructure, and internal and external dependencies that can have a cascading effect.

Keynote - Challenges in Cybersecurity
Plenary Room
Time: 9:45 am – 10:15 am
Keynote Speaker: Rick Ledgett
Former Deputy Director, National Security Agency

Brief: Government View of the Threat Landscape (NSA)
Plenary Room
Time: 10:15 am – 10:50 am
Speaker: Jon Darby
Director of Operations, National Security Agency
Description: This overview brief highlights the broad government insights on the threat environment. How criminals, hacktivists, and advanced persistent threats act on the internet and how organizations are exposed to those actions?

Break (10:50 am -11:00 am)

Panel: The Evolving Threat Landscape
Plenary Room
Time: 11:00 am – 12:00 pm
Moderator: Dan Ennis, Executive Director, MaGIC
Panelist 1: Syed Ali, Vice President, Cybersecurity Advisory Services, Bain & Company
Panelist 2: Frank Downs, Director Cybersecurity, ISACA
Panelist 3: Ryan Agee, Technical Director, BlueVoyant
Panelist 4: Ray Watts, Senior Consultant, US Navy
Panelist 5: Brandon Levene, Head of Applied Intelligence, Chronicle
Description: In a world increasingly driven by digital technologies and information, cyber threat management is more than just a strategic imperative, it is a fundamental part of doing business. This panel explores the evolving nature of cybersecurity threats from hacktivists, criminals, and nation-states and how tactics are changing to exact greater effects on targeted organizations.

Talk: Global Cyber Challenges: Law, Policy, and Governance
: Plenary Room
Time: 12:00 pm – 12:30 pm
Featured Speaker: Grant Schneider
Federal Chief Information Security Officer and Senior Director of Cybersecurity Policy, National Security Council
Description: How should government organizations manage the cybersecurity problem? How do current efforts by the government attempt to frame and proactively address the myriad of governance challenges facing a complex organization? This talk will discuss the challenges and opportunities facing public organizations, and how policy initiatives are attempting to address them.

Break: Move to Lunch Room (12:30 pm -1:00 pm)

Lunch Talk - How to Secure an Enterprise
Location: Dining Room
Time: 1:00 pm – 1:45 pm
Featured Speaker: Curt Dukes
Executive VP & GM - CIS Security Best Practices & Automation
Description: Given the range of existing threats, policy structures, and governance challenges what are practical and tangible approaches organizations can take to safeguard their operations? This lunchtime talk will discuss practical actions and the need to address the trade-offs between efficiency and security in the modern enterprise.

Break: Move back to Plenary Room (1:45 pm -2:10 pm)

Panel: Communicating and Responding to Cybersecurity Challenges
Location: Plenary Room
Time: 2:10 pm – 3:00 pm
Moderator: Dana Priest
Professor University of Maryland, Former Washington Post Reporter
Panelist 1: Markus Rauschecker, JD, Cybersecurity Program Director at the University of Maryland’s Center for Health and Homeland Security (CHHS)
Panelist 2: Donald Freese, Partner, Cybersecurity & Privacy, Price Waterhouse Coopers
Description: Communication before, during, and after a cyber event is a prime concern for organizational leaders. This panel will focus on the considerations leaders must grapple with, the legal constraints they often must operate within, and the public perception problems they must help shape.

Panel: Evolving Complex Attack Surfaces
Location: Plenary Room
Time: 3:00 pm – 4:00 pm
Moderator: Pete Tseronis
CEO Dots and Bridges, Former CTO Departments of Energy and Education
Panelist 1: Greg Sisson, Director of Cyber Operations, Department of Energy
Panelist 2: John Chain, Principal Consultant, Cybis
Panelist 3: Harry Perper, Chief Engineer, The MITRE Corporation
Panelist 4: Dan Prieto, Strategic Executive, Google Cloud - Public Sector
Panelist 5: Francesco Trama, Chief Executive Officer and Founder, PacketViper
Description: Cybersecurity threats have grown exponentially in size, scope, and severity over the past couple of decades. But organizations continue to invest in securing their perimeter via a reactive approach, as opposed to identifying cyber threats on the internet and other attack surfaces using more proactive measures. This panel explores the evolving nature of complex attack surfaces and issues that need to be addressed in this context.

Joint Talk: Complexity and Integrated Strategic Risk in the Private and Public Sector
Location: Plenary Room
Time: 4:00 pm – 5:00 pm
Speaker 1: Tudor Dumitras
Assistant Professor, ECE Department and MC2, University of Maryland
Speaker 2: Charles Harry
Senior Research Associate, Center for International and Security Studies at Maryland
Description: Organizations are increasingly concerned about the interconnections between themselves, third-party vendors, and the supply chains that couple them together. How can firms think through the complex set of organizational relationships and the IT asset that supports them across the myriad of hacker-induced effects they are facing? This talk will discuss an approach for understanding and assessing interdependent risk within complex organizations in larger interlinked critical services.

Break (5:00 pm - 6:00 pm)

Location: Dining Room
Time: 6:00 pm – 8:00 pm
The UMD Advantage: Mary Ann Rankin
Provost, University of Maryland

Dinner Talk
Location: Dining Room
Time: 6:00 pm – 8:00 pm
Featured Speaker: Congressman C.A. Dutch Ruppersberger
US House of Respresentatives, Maryland's 2nd District
Description: How can cybersecurity be addressed as a systemic problem in Public Sector governance? This talk will address the larger ecosystem of problems complex public sector organizations need to address.

Featured Speaker: Jim Rosenthal
CEO Blue Voyant, Former COO Morgan Stanley
Description: How can cybersecurity be addressed as a systemic problem in firm acquisition, capital raising, and for supply chain risk? This talk will address the larger ecosystem of problems private complex organizations need to address.

Friday – April 5th

Coffee Reception and Registration
Location: 2nd Floor Lobby
Time: 8:00 am – 9:00 am

Talk: Cybersecurity from the Boardroom
Location: Plenary Room
Time: 9:00 am – 9:45 am
Featured Speaker:Deb Plunkett
Senior Fellow, Harvard Belfer Center; Former Director of NSA's Information Assurance Directorate
Description: How do corporate governance structures work to implement practical and relevant security architectures? This talk will focus on the challenges facing corporate boards in identifying the threats to their organization, defining a strategy for approaching the problem, and relevant implementation methods for executing those plans.

Breakout into Track Sessions

Track 1: Public Sector: Governance and Building Effective Public Private Partnerships
Track 2: Understanding the Threat and Generating Effective Intelligence
Track 3: Emerging Technology and Securing the Digital Enterprise
Track 4: Understanding Risk and Building Resilient Organizations
Domestic and International Governance Challenges

Moderator: Nancy Gallagher

Panelist: Theresa Hitchins

Panelist: Ellen Cornelius JD

Useful Threat Intelligence for Organizations

Moderator: Ryan Agee

Panelist: Brandon Levene

Panelist: Ray Watts

Panelist: John Chain

Secure Coding for Organizations

Talk: Mike Hicks

Assessing, Measuring, Reducing, and Transferring Risk in Complex Organizations

Moderator: Charles Harry

Panelist: Larry Gordon

Panelist: Sasha Romanosky

Panelist: Tudor Dumitras

Integration of Private and Public Sector Response

Moderator: Dr. David Mussington

Panelist: Brian Shea

Panelist: Kristin Judge

Panelist: David Reed

Leveraging Advanced Analytics

Moderator: Tudor Dumitras

Panelist: Susan Campbell

Panelist: Blake Darche

Panelist: Nicholas Weir

Opportunities and Security Challenges for IoT and Cloud

Introduction: Charles Harry

Talk: Anthony Vicinelly

Building Cyber Resilient Organizations

Moderator: Michel Cukier

Panelist: Chris Castaldo

Panelist: Frank Downs

Panelist: Syed Ali

Lunch Speaker: Major General Linda L. Singh, The Adjutant General of Maryland

Challenging Conventional Best Practices

Talk: Dr. Michelle Mazurek

Hacking the Human: Spycraft and the Art of Solicitation

Talk: Jarrod Tisdell

John Chain

Vulnerabilities to Critical Infrastructure and the Future of Smart Cities

Moderator: Jennifer A. Morrissey
Panelist: Harry Perper
Panelist: Daryl Haegley
Panelist: Ray Watts

Understanding Supply Chain Risk

Talk: Lisa Harrington

Conference Wrap-up
Plenary Room
Time: 3:20 pm – 3:50 pm
Speaker: Keith Marzullo
Dean, School of Information Studies, UMD

Concluding Remarks
Plenary Room
Time: 3:50 pm – 4:00 pm
Speaker: Dan Ennis
Executive Director, Maryland Global Initiative for Cybersecurity (MaGIC), UMD

Registration for the Annual Executive Cybersecurity Summit is now open!