• GCN
  • WT
  • DS

Download this eBook to learn what you missed at FCW’s Face-to-Face event held on May 11, 2016.

For close to a decade the Obama administration has been putting together the components of a system to automate the identification and response to security breaches in government agencies. The move toward security and monitoring as-a-service is based on a consensus that fixed network defense technologies have not lived up to their promise to protect federal networks.

Tools are now emerging to identify and block critical threats to agency systems -- as they happen. The federal government has set up channels providing agencies accelerated access to these technologies in the coming year. They include Phase 2 of the Homeland Security Department’s Continuous Diagnostics and Mitigation (CDM) program, which will provide agencies technologies for monitoring their networks via sensors or as a service.

The CDM program specifies 15 monitoring features that can be performed by agency sensors or provided as a service and fed into enterprise level dashboards. Another set of tools under DHS’s Einstein 3 program offers agencies managed intrusion detection as-a-service to detect malicious traffic entering their networks. So far Einstein has thwarted 650,000 requests to access malicious websites, according to DHS.

The demand for more dynamic, always-on security tools can hardly be more urgent given agencies’ record in setting up conventional defenses. In an April 2015, report, the Government Accountability Office found 23 out of 24 agency inspectors general cited information security as a major challenge at their agency. Meanwhile cyber-attacks on agencies have jumped from less than 6,000 in 2006 to over 65,000 in 2014, says GAO. To help agencies obtain security tools to meet these threats, the 2016 federal budget called for $102.6 million for CDM and $479.8 million for network security, including Einstein 3.

This ebook will provide federal agency IT and security managers an update on options available to them for acquiring the hardware and tools necessary to establish baseline threat and cybersecurity monitoring services at their agencies.

Topics addressed include:

  • How to implement a CDM program at your agency
  • Preparing for the upcoming 2nd and 3rd phases of the CDM program
  • CDM and Einstein 3 security acquisition basics
  • Continuous monitoring toolkit: dashboards, sensors, and services
  • Automated security threat sharing initiatives
  • Options for CDM identity and authentication management

Featured Speakers:

  • Dan Carayiannis
  • Federal Director, RSA Archer
  • Click for Bio

    Over the last 30 years Mr. Carayiannis has held several executive positions as President, COO and Vice President with several information technology, IT security, geospatial and services companies servicing federal and commercial enterprise customers. Mr. Carayiannis has been with RSA for the last 6 years and in his current assignment is serving as the RSA Archer Federal Director. Mr. Carayiannis' organization is responsible for providing Archer solutions to Federal marketplace and was instrumental in securing the recent DHS CDM Dashboard award where RSA Archer will be deployed and use across all federal civilian departments and agencies. Prior to RSA, Mr. Carayiannis was the Vice President at Brabeion Software a GRC software company specializing in policy and risk management solutions. Prior to Archer's acquisition of Archer, Mr. Carayiannis served as the President and COO of Susquehanna Technologies a leading software services and development company supporting federal and commercial clients with custom software solutions and managed services. Mr. Carayiannis holds a BBA from James Madison, an MBA from Marymount University and was awarded a Duke University Executive Development Program certificate. Mr. Carayiannis is an active AFCEA member and has served on university and business advisory boards. A Virginia native, Mr. Carayiannis resides in Centreville, VA with his wife Vicki and two children.

  • Troy Johnson (DISL)
  • Director, OPNAV N2/N6 Navy Cybersecurity Division, U.S. Navy
  • Click for Bio

    Mr. Johnson served 22 years in the US Navy as a Cryptologist and Information Operations (IO) Planner. He became a member of the federal civil service in 2004 and was appointed to the Intelligence Community Senior Leadership Corps in 2012. Mr. Johnson’s service to the Navy and DoD has spanned over 30 years.

    As Director of the OPNAV N2/N6 Navy Cybersecurity Division, Mr. Johnson leads the Echelon I organization responsible for executing cyber functions and tasks on behalf of DCNO (N2/N6). Prior to his current role, Mr. Johnson led the Task Force Cyber Awakening (TFCA) Cyber Security Task Group which conducted a CNO-directed enterprise-wide assessment of the Navy’s cyber security posture.

    Before being appointed to TFCA, as Director of Capability Integration (N2/N6FX) Mr. Johnson integrated wide-ranging capabilities such as communications, intelligence, surveillance, reconnaissance and electronic warfare to provide a seamless capability for the fleet as they pursued information dominance in Joint operations. These systems represented more than 180 programs and $50B across the Future Years Defense Plan (FYDP).

    He has served in Europe, Asia and on the East and West coasts within CONUS. His assignments have been afloat and ashore, both technical and managerial. Ashore, he has served as an Electronic Maintenance Officer, Operational Planner, Global Network Operations Officer and the Navy’s Operational Designated Accrediting Authority. Afloat, he served as Cryptologic Officer, Intelligence Officer and Electronic Warfare Officer.

    A California native, Mr. Johnson holds a Bachelors Degree in Physics from the University of South Carolina and a Masters Degree in Systems Engineering (Information Warfare Curriculum) from the Naval Postgraduate School.

  • Jack LeGrand
  • Manager, Federal Programs, Dell Federal
  • Click for Bio

    Jack LeGrand has been in IT security for over 24 years. He has worked in the financial services industry establishing and designing technologies to securely communicate with the Federal Government in the early 1990’s. In addition, he was the network planner for a $2 billion dollar retail organization with 2000 locations worldwide.

    In the late 1990’s he established an IT Security firm that provided advanced strategic and integration services to public sector and commercial organizations throughout the DC corridor.

    Simultaneously, Jack founded a regional organization associated with the FBI, focused on infrastructure protection and cybersecurity. This organization and its members were responsible for identifying many threats to the national infrastructure, 2-3 criminal cases per year and in one case, contributed to the identification of an Al Qaeda cell that was located in Virginia.

    Prior to coming to Dell Federal, Jack held additional roles in two other security technology leader’s organizations – Check Point Software and RSA Security. Jack now covers the broad and expanding portfolio of Dell offerings in the Civilian space.

    Jack LeGrand is from Virginia Beach, Virginia.

  • Esteve Mede
  • Chief Information Security Officer, Federal Election Commission
  • Click for Bio

    Esteve Mede is the Chief Information Security Officer for the Federal Election Commission (FEC). He is responsible for ensuring the agency has a well-defined and well-executed cybersecurity program, and he is responsible for coordinating cybersecurity standards, policies and procedures within the agency and provide mentorship to state agencies similar to the FEC on Cybersecurity.

    Prior to the FEC Mr. Mede had the privilege of serving 6 years in the US Army. He worked USPTO as a Patent Examiner in the field of Information Security and Cryptography. He served at the Department of Commerce as an Information Technology Security Officer before leading the IT shop for the Postal Regulatory Commission.

    Mr. Mede holds a Bachelor degree in Computer Science from Campbell University, Buies Creek NC and a Master degree in Information Assurance from Capitol Technology University, Laurel MD.

  • Jim Piché
  • Group Manager, Federal Systems Integration and Management Center, General Services Administration
  • Click for Bio

    Jim Piché is a Group Manager at GSA FEDSIM and has overall responsibility for the management and administration of FEDSIM's IT Projects at the Department of Homeland Security (DHS), including Continuous Diagnostics and Mitigation (CDM) Program, Enterprise Networked Services Support (ENSS), and the Technology Integration Program (TIP) at St. Elizabeths - the future home of DHS. Mr. Piché has a career spanning over 20 years in major systems acquisitions and program management, and includes assignments at U.S. Coast Guard, Army PEO EIS, Department of State, DHS, U.S. Mint, NAVSEA and SPAWAR. Prior to his assignment at FEDSIM, Mr. Piché was the Customer Service Director for Navy Enterprise Business Solutions. Mr. Piché holds a Bachelor of Science in Naval Architecture and Marine Engineering from the U.S. Coast Guard Academy.

  • James Quinn
  • Lead System Engineer CDM Program, Department of Homeland Security
  • Click for Bio

    Mr. Quinn currently serves as the Lead System Engineer for the CDM program for Department of Homeland Security, where he is the primary technical point of contact for the $6B CDM BPA and the CDM Dashboard contract. Prior to this position, he served as NPPD Deputy CTO, after being the DHS HQ Deputy CISO for DHS Enterprise Services.

    He original came to DHS in 2002 as the Senior Engineer/Architect for the IT Services Organization supporting the DHS Office of the CIO and served as the key designer of the majority of the Department’s IT services.

    Before joining Homeland Security, Mr. Quinn had over thirty years of experience in the network and system development space for Alcatel, Cabletron and Digital Equipment Corporation.

    Before joining Digital, Mr. Quinn was on the faculty of the State University of Albany as the Academic Services Research Lead. He served in the US Army as an Operations Research/System Analyst working on determining cost effectiveness for future artillery weapon systems.

    Mr. Quinn hold a B.Sc. (Honours) in Theoretical Mathematics with a minor in Research Methods from Saint Mary’s University, Halifax, Nova Scotia and has received recognition from: International Who’s Who in Information Technology, Who’s Who in Global Business Leaders, and Who’s Who in America, GISLA (2013) and NextGov Bold (2014).

  • Peter Romness
  • Cybersecurity Solutions Lead, U.S. Public Sector, Cisco
  • Click for Bio

    Peter Romness is the Cybersecurity Solutions Lead for U.S. Public Sector at Cisco. He has been helping Government customers achieve their missions throughout his 30 years of experience at companies such as Cisco, Hewlett-Packard, AT&T and Panasonic. His current focus is helping Government leaders protect their organizations from cybersecurity threats. Responsibilities include bringing Cybersecurity solutions to market, developing new Cybersecurity solutions for governments in the US, and helping the IT community understand the latest architectural solutions available to protect their employees, organizations, and intellectual property. Though Peter has an engineering degree, his passion is to make Cybersecurity easier to understand and to take action upon for non-technical business leaders, non security staff as well as the seasoned security team.

  • Troy K. Schneider
  • Editor-in-Chief, FCW & GCN
  • Click for Bio

    Troy K. Schneider is editor-in-chief of FCW and GCN. Connect with him on Twitter: @troyschneider.

  • John Stoner
  • Federal Security Strategist, Splunk Inc.
  • Click for Bio

    John Stoner joined Splunk in 2015 as a Federal Security Strategist. In his current capacity, he leverages his years of knowledge around Log Management, Compliance, SIEM, SOC operations and threat intelligence to provide better situational awareness and analytics in support of federal and state agencies. Previous to joining Splunk, he supported the Intelligence Community and other Federal Government customers as a Systems Engineer at ArcSight and led the Public Sector systems engineering team following the acquisition of ArcSight by HP. Before HP, he was at Symantec in a series of expanding technical positions including Lead Principal of their Cyber Threat Analysis Program. John has presented at various industry symposia, including SANS CDI, DHS GFIRST and DoD Cybercrimes Conference and has briefed members of the US Congress and other senior government leaders on the cyberthreat landscape. John holds a B.S. in Quantitive Business Analysis from Penn State University.

  • Clif Triplett
  • Senior Cyber Security Advisor, Office of Personnel Management
  • Click for Bio

    As OPM’s Senior Cyber and Information Technology Advisor, Clif Triplett will help fulfill OPM’s commitment to strengthening our cybersecurity posture. He will work to advance the agency’s cybersecurity-related goals and collaborate with a broad spectrum of interagency partners and stakeholders.

    Clif comes to OPM with 30 years of broad executive management experience. During his career, he has helped the U.S. military and major private sector companies protect their information by deploying technology effectively and efficiently while also assuring the operational integrity of their systems.

    He has significant experience with some of America’s largest companies and industry leaders in the global defense, telecommunications, oil field service, tractor, automotive, and aerospace industries. At Cisco, Clif and his team were recognized as the Security Innovators of the year in the Energy Sector. While at HP, he was named the company’s Software Partner of the Year. And at Motorola, Clif’s security team consulted and managed security for many companies and government agencies. Their specialty was mobile security.

    Before joining OPM, Clif was a managing partner at SteelPointe Partners, a management consulting company recognized for assisting companies worldwide.

    Prior to his private sector experience, Clif had a distinguished military career. He worked on Top Secret and other advanced technologies in the protection and defense of the U.S. Nuclear Command and Control Systems. He was awarded the Defense Meritorious Service Medal for his work on the security architecture of today’s War Planning and Logistics systems – JOPES (Joint Operations Planning and Execution System).

    Clif has a bachelor’s degree from the U.S. Military Academy at West Point and a master’s degree in computer information systems from Boston University. Clif and his wife are from Houston and have two grown sons.

Presented By

Sponsored By