Potomac Forum The Forum of Choice for Government & Industry Training Since 1982

Managing and Implementing Cybersecurity in Government Training Workshop

What Government Executives, Managers, and Staff need to know about Cybersecurity in 2019 to conform with new Policies, Regulations, and Best Practices and Reduce Risk to the Organization

Tuesday, March 19, 2019

Keynote Presentation:

Dr. Ron Ross

NIST FELLOW

Leader, FISMA Implementation Team 

National Institute of Standards and Technology (NIST)

Leader, Joint Transformation Initiatives Interagency Working Group 

Author of the NIST Risk Management Framework, SP800-53 Rev 4 and numerous other publications

 

Speakers:
 

Veronica Cuello

Vice President

Cyber Solutions, eGlobalTech

 

Akil Crawford 

Director

Cyber Solutions, eGlobalTech

 

Elizabeth Voeller 

Director, Cyber Solutions, eGlobalTech

 

Max Everett 
Chief Information Officer 
Department of Energy 

Meeting Location: 
Willard InterContinental Hotel

1401 Pennsylvania Avenue N.W.
Washington 20004
United States

Metro Center (Red, Orange, Blue Lines). Use the exit marked “12th & F Sts” to exit onto F St., then continue straight two blocks and cross 14th St.

Overview: 

The purpose of this workshop is to provide a better understanding of current Federal cybersecurity policies and regulations as well as provide best practices for implementation. Federal guidance on IT security tends to change due to advances in cybersecurity tools and technology, new administration priorities, evolving cyber threats to our national security, and other influencers. It can be overwhelming and hard to keep up with. This workshop will provide participants with the most up-to-date information so they can get ahead with activities that promote immediate cyber resilience.

 

Hear from government officials and industry experts tasked with implementing robust security and risk management strategies. Listen to a mix of different government panelists presenting practical information from both a security and risk management perspective, led by an experienced moderator who will discuss lessons learned on key issues Federal organizations are facing and the risks that are being seen today throughout the government. Learn about current NIST Standards and Guidelines from a NIST leader and what agencies should be prepared for in the future.

 

This workshop offers consolidated IT security fundamentals condensed into a 1-day program focused on the application of practical knowledge. It will provide participants with recommendations for small changes that, when implemented correctly, can improve cybersecurity scores and make reporting less painful. The goal of this workshop is to provide participants with some quick win strategies to make simple adjustments now in order to see improvements in the near term.  Resource materials and references will also be provided.

What You Will Learn: 

  • For managers new to cybersecurity, receive a foundational overview of the most current Federal policies and regulations and where to start
  • For experienced cybersecurity managers, receive a refresher and some new ways to prioritize and get quick wins when implementing the current regulations
  • Learn how small changes to cybersecurity governance and management can improve scores
  • Learn about current and future NIST Guidelines and Standards Requirements for All Federal Agencies

Why You Should Attend: 

  • Gain insight into new Federal cybersecurity regulations including FITARA, OMB, and Executive Orders on cybersecurity
  • Receive a refresher on implementing the NIST Risk Management Framework (RMF) and Cybersecurity Framework (CSF) in your organization
  • Obtain practical knowledge in implementing Federal requirements and regulations
  • Learn real world best practices that enable proactive risk management in resource-constrained environments
  • Learn how risk management and cybersecurity are essential for regulatory compliance
  • Discuss cybersecurity challenges with Federal, State and Local Government colleagues

Who Should Attend: 

  • CISOs and Staff
  • CIOs and Staff
  • IT security and risk management practitioners
  • Program Managers responsible for risk management
  • Government Employees who want to better understand cybersecurity in their organization
  • Industry and Contractors who support cybersecurity programs for the government
  • All government and industry members who need to better understand Federal cybersecurity policies, regulations, and best practices

Format: 

Instructor Presentations, Classroom Discussions, Panel Discussion, and Guest Speakers

Agenda: 

 

7:30 AM

Registration and Continental Breakfast

8:30

Welcome
Art Chantker, President, Potomac Forum

8:45

Keynote: 

Dr. Ron Ross
NIST Fellow and Author of the NIST Risk Management Framework and numerous NIST Publications

10:00

Refreshment Break

10:15

Overview of the Cybersecurity Policy Landscape

  • OMB
  • NIST
  • DHS
  • Executive Orders (EOs) and Presidential Policy Directives (PPDs)

Ms. Veronica Cuello, Vice President, Cyber Solutions, eGlobalTech

10:45

Let’s Talk FISMA

  • Lessons Learned
  • New Initiatives
  • What Has Changed

Ms. Veronica Cuello, Vice President, Cyber Solutions, eGlobalTech

11:30

Integrating Security in the Mission - an Enabler not an Inhibitor

  • Discussion on Cyber Hygiene
  • Simple Things to Improve Scores
  • Meeting Compliance Objectives thru FedRAMP – Current Thinking

Mr. Akil Crawford, Director, Cyber Solutions, eGlobalTech

12:15 PM

Hosted Working Luncheon
(Students will be presented with a discussion topic during lunch and a designated leader will report out after lunch)

1:15

Government Panel Discussion 

Lessons Learned Implementing Cybersecurity Mandates

Panel members being confirmed

 

Moderator: Ms. Elizabeth Voeller, Director, Cyber Solutions, eGlobalTech

2:30

Refreshment Break

2:45

Cybersecurity Best Practices – Part I

  • High Level Road Map to IT Security Transformation
  • Concept of Compliance through Secure Operations
  • Case Study – Lessons Learned

Mr. Akil Crawford, Director, Cyber Solutions, eGlobalTech

3:45

Current Perspectives on Cybersecurity
Mr. Max Everett, Chief Information Officer, Department of Energy  

4:15

Cybersecurity Best Practices – Part II

  • Reducing Insider Threat at your Organization
  • If You Do Just One, Small Thing, Do This!
  • Importance of Cybersecurity Awareness – What you need to do and Why

Ms. Elizabeth Voeller, Director, Cyber Solutions, eGlobalTech

4:50

Wrap-up and Q&A

5:00

Workshop Adjourns

5:00

Post Workshop Discussions with Instructors on Specific Individual Topics

 

Agenda Subject to Change

Registration Information: 

Government Employees (Federal, State or Local Government Issued ID):

  • Early Bird Registration Fee: $695 (Special Reduced Rates in Support of Government Budget Reductions)
  • Registering after Feb. 22nd: $795

Team Rate for Government: Send a government team to learn together. Register two government employees from the same office at the same time and the third person registers at 50% of the current government rate.

Industry and Contractors (including contractors on-site and in direct support of government agencies):

  • Early Bird Registration Fee: $795
  • Registering after Feb. 22nd: $895

Registration Includes: Presentations, Workshop Notebook, Continental Breakfast, All Day Refreshments and Hosted Luncheon

Keynote Speaker: 

Dr. Ron Ross

NIST FELLOW

Leader, FISMA Implementation Team

National Institute of Standards and Technology (NIST)

Leader, Joint Transformation Initiatives Interagency Working Group
Author of SP800-53 Rev 4

 

Ron Ross is a Fellow at the National Institute of Standards and Technology (NIST). His current areas of specialization include information security and risk management. Dr. Ross leads the Federal Information Security Management Act (FISMA) Implementation Project, which includes the development of security standards and guidelines for the federal government, contractors, and the United States critical information infrastructure. His recent publications include Federal Information Processing Standards (FIPS) Publication 199 (security categorization standard), FIPS Publication 200 (security requirements standard), NIST Special Publication (SP) 800-53 (security controls guideline), NIST SP 800-53A (security assessment guideline), NIST SP 800-37 (security authorization guideline), NIST SP 800-39 (risk management guideline), and NIST SP 800-30 (risk assessment guideline). Dr. Ross is the principal architect of the Risk Management Framework and multi-tiered approach that provides a disciplined and structured methodology for integrating the suite of FISMA standards and guidelines into a comprehensive enterprise-wide information security program. Dr. Ross also leads the Joint Task Force Transformation Initiative, a partnership with NIST, the Department of Defense, the Intelligence Community, the Office of the Director of National Intelligence, and the Committee on National Security Systems to develop a unified information security framework for the federal government.

In addition to his responsibilities at NIST, Dr. Ross supports the U.S. State Department in the international outreach program for information security and critical infrastructure protection. Dr. Ross previously served as the Director of the National Information Assurance Partnership, a joint activity of NIST and the National Security Agency. A graduate of the United States Military Academy at West Point, Dr. Ross served in a variety of leadership and technical positions during his over twenty-year career in the United States Army.

While assigned to the National Security Agency, he received the Scientific Achievement Award for his work on an inter-agency national security project and was awarded the Defense Superior Service Medal upon his departure from the agency. Dr. Ross is a three-time recipient of the Federal 100 award for his leadership and technical contributions to critical information security projects affecting the federal government and is a recipient of the Department of Commerce Gold and Silver Medal Awards. Dr. Ross has been inducted into the Information Systems Security Association (ISSA) Hall of Fame and given its highest honor of ISSA Distinguished Fellow.

Dr. Ross has also received several private sector cyber security awards and recognition including the Vanguard Chairman’s Award, the Symantec Cyber 7 Award, InformationWeek’s Government CIO 50 Award, Best of GTRA Award, and the ISACA National Capital Area Conyers Award. During his military career, Dr. Ross served as a White House aide and as a senior technical advisor to the Department of the Army. Dr. Ross is a graduate of the Defense Systems Management College and holds Masters and Ph.D. degrees in Computer Science from the U.S. Naval Postgraduate School specializing in artificial intelligence and robotics.

Instructors: 

Akil Crawford

Akil Crawford is a Cyber Solutions Director at eGlobalTech, a management consulting and cybersecurity firm headquartered in Arlington, VA. Akil is responsible for the delivery of cyber services to the firm’s federal clients. He also leads the development of new capabilities and supports business development and capture efforts. Prior to joining eGlobalTech, Akil served as the Director of Data Security at Function1, a systems integrator and Splunk’s first services partner. At Function1, Akil helped commercial customers turn COTS products into complete cybersecurity solutions. In this role, Akil provided support to some of the US’s largest credit card lenders and one of the largest hedge funds in the world. In addition to this experience, Akil has supported several federal and state government clients in security operations and security compliance efforts. His technical background as a software engineer and product specialist has been invaluable to him as a security practitioner. Akil believes that security should be positioned as an enabler to an organization’s mission, rather than as an obstacle that must be overcome in order to serve the mission.

Veronica Cuello

Vice President, Information Assurance & Cybersecurity

eGlobalTech

Veronica Cuello is the vice president of information assurance and cybersecurity (IA&C) for eGlobalTech (eGT), a leading technology and cybersecurity consulting firm in the federal government sector. In this role, she is responsible for leading the entire IA&C practice - comprised of more than one hundred professionals - as well as expanding eGT’s cybersecurity arm into new markets. She has more than 17 years of experience in providing consulting and advisory services for federal government contracts within the information assurance field, as well as experience with the Federal Information Security Management Act (FISMA), cyber risk management and cryptography.

Prior to eGT, she was a senior associate at Booz Allen Hamilton and served as director of cybersecurity at Visual Soft, Inc. Cuello received her Bachelor of Arts degree from Vassar College and her Master of Science in technology management from the George Mason University School of Management. She currently holds various professional accreditations, including Project Management Professional (PMP), Certificate in Federal Executive Competencies, Certified Information Systems Security Professional (CISSP), International Information Systems Security Certification Consortium (ISC2), INFOSEC Assessment Methodology (IAM), Global Information Assurance Certification (GIAC), Security Essentials Certification (GSEC), Certified RSA Advanced PKI Engineer, A+/Network+ Certification and Computing Technology Industry Association (CompTIA).

Elizabeth Voeller, PMP, ABCP

Incident Response, Emergency Management, Cyber Risk Management/Security Consultant

Director of Operations of the Mid Atlantic Disaster Recovery Association (MADRA)

Director, eGlobalTech (eGT)

 

Elizabeth Voeller is a Director at eGlobalTech where she provides consulting support on cyber risk management, incident response, emergency management, and strategic communications to the Chief Information Security Officer (CISO) at the Department of Health and Human Services (HHS) Office of Information Security. Prior to that, Ms. Voeller spent 8 years at Booz Allen Hamilton as a Lead Associate supporting Federal business continuity/COOP, critical infrastructure analysis, strategic planning and communications, and emergency management programs. She has facilitated national level exercises and senior leadership meetings for the Department of Homeland Security (DHS), written Congressional briefings for the Federal Emergency Management Agency (FEMA), drafted and rolled out national-level plans for DHS, and developed pandemic response tools and emergency communications curriculum for the Department of Defense (DoD) PACOM and USAFRICOM. She has a Master's degree in International Affairs from American University and a Bachelor's degree in Political Science and English from Hamline University in Saint Paul, MN. Ms. Voeller is currently the Director of Operations of the Mid Atlantic Disaster Recovery Association (MADRA), a certified Project Management Professional (PMP), a DRII-certified Associate Business Continuity Professional (ABCP), and CompTIA Security+ Certified.

Max Everett

Chief Information Officer

Department of Energy

Max Everett was selected in July 2017 to serve as Chief Information Officer (CIO) for the Department of Energy. In this position, he oversees the Department’s information technology (IT) portfolio, serves as an advisor to the Deputy Secretary and Secretary, and leads and manages the various functions within the Office of the Chief Information Officer.
Mr. Everett has vast experience in managing and implementing information technology and cybersecurity for both public and private sector organizations.
Most recently, Mr. Everett served as Managing Director of Fortalice Solutions, leading cybersecurity risk assessments, advising clients on risk management, and developing secure infrastructure solutions.

He has previously worked as a consultant for public and private sector organizations, supporting development of network security services, cloud security policies, and cyber information sharing programs.

In 2008, Mr. Everett served as Chief Information Officer in the Office of Administration at the White House, managing the technology infrastructure for the Executive Office of the President, the technology requirements of the Presidential transition, and the Presidential records transfer to the National Archives and Records Administration (NARA). Mr. Everett has held additional technology leadership roles at the White House, the Department of Commerce, and on several National Special Security Events.

Mr. Everett received a B.A. degree from the University of Texas and a J.D. degree from the University of Houston Law Center, and is a member of the State Bar of Texas. He holds a number of professional certifications including Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and Project Management Professional (PMP).

Cancellation Policy: 

Confirmed registrations who cancel within 3 business days of the program will be subject to a $250 cancellation fee. Registrations cancelled after the program starts are subject to the full registration fee. Substitutions can be made at any time. In the event a particular training workshop is cancelled, the liability of Potomac Forum, Ltd is limited to refund of any prepaid registration fee.
