Cyber Security for National Defense Summit 2009

Cyber Security for National Defense Summit 2009 - Presentation Transcript

  1. See inside for strategies and tools to make your network airtight!
     presents its 2nd Annual:
     See page #3 for details!
     Combating asymmetric cyber attacks
     Network Defense Focus Day: May 18, 2009
     Washington, DC Area
     Main Conference Sessions: May 19 - 20, 2009
     Critical Infrastructure Focus Day: May 21, 2009
     Gain the latest from cyber security researchers and decision makers on:
       • Protecting critical infrastructure from cyber attack
       • Best practices for network testing and evaluation
       • Strategies for countering the persistent and evolving cyber threat
       • Outlooks for the future of cyber defense
     Hear from an unrivalled speaker faculty that includes:
       • Brig Gen Michelle Johnson, USAF, Deputy Director, Global Effects and the War on Terrorism, The Joint Staff
       • Brig Gen Mark Schissler, USAF, Director of Cyber Operations, Deputy Chief of Staff for Operations, Plans and Requirements
       • Robert “Scott” Jack II, SES, Air Force Senior Information Assurance Officer, Office of Warfighter Integration and Chief Information Officer
       • Roberta G. Stempfley, Deputy CIO and Vice Director for Strategic Planning, Defense Information Systems Agency
       • Top Army, Navy, OASD, Department of Energy representation and more!
     See inside for a complete speaker roster!
     Media partners:
     Register Today by email: sherryl.jacobs@idga.org
  2. Main Conference Sessions DAY 2: Wednesday, May 20, 2009 DAY 1: Tuesday, May 19, 2009 Registration and Coffee Registration and Coffee 7:15 7:15 Chairperson’s Opening Remarks 8:00 Chairperson’s Opening Remarks 8:00 Cyber Security Priorities for the New Administration 8:10 The Holistic Defense-in-Depth Strategy 8:10 Towards a comprehensive national security strategy for Cyberspace • The problem • Keynote Perspective Increasing security of data • The methodology • Army Improved public-private cyber operations • The model • Lt Gen (Ret) Harry D. Raduege, Jr., USAF, Co-chair, CSIS • The resources Commission on Cybersecurity for the 44th Presidency COL Mike Jones, USA, Acting Deputy Cyber Chief, Army CIO/G6 Engaging the Persistent and Evolving Threat 8:50 Keynote Cyber strategy evolution • Ensuring Cyber Dominance 8:50 Army’s role in cyber space • Securing US cyber assets • BG Steve Smith, USAR, Chief of Cyber Operations, Army CIO/G6 Joint Staff Developing cyber capabilities • Cyber Security Priorities for the Defense Information Col James Gass, USMC, Chief, Computer Network Operations 9:30 Systems Agency Division, Operations Directorate, the Joint Staff Acquiring, fielding and supporting global net-centric solutions • Keynote Information assurance and management of DISA information NETWORKING BREAK • 9:30 technology resources leadership • Support in a wide range of agency and DoD information 10:15 Defense Critical Infrastructure Program management initiatives • Ensuring the availability of networked assets Roberta G. 
Stempfley, Deputy CIO and Vice Director for Strategic • Assessing and enhancing asset security Planning, Defense Information Systems Agency Critical Infrastructure Antwane Johnson, Director, Defense Critical Infrastructure Program, OASD (HD&ASA) 10:10 NETWORKING BREAK 10:55 Modeling and Simulation of Network Security in 10:55 ISIM Committee Successes and Challenges Industrial Control Networks • Identifying high priority security and identity management initiatives Networking technology employed in network security • • Developing recommendations for policies, procedures, and standards Network-based attacks on networked critical infrastructure • Dr. Richard Etter, Deputy Senior Information Assurance Officer for • The effectiveness of defense against attacks Computer Network Defense, Department of Navy Dr. David Nicol, Professor Department of Electrical and 11:35 Enterprise Vulnerability Management - Proactive Computer Engineering, University of Illinois, Urbana-Champaign Threat Monitoring and Risk Management Use Case The core components of a secure environment 11:35 LUNCH • Bringing together security data from many perspectives • Challenges & results • Implementing a Unified Cyber Security Strategy 1:05 Chris Ensey, Cyber Security Specialist, IBM Federal Software Group Network threats and challenges Afternoon • Keynote Cyberspace roles • 12:15 LUNCH Brig Gen Mark Schissler, USAF, Director of Cyber Operations, Deputy Chief of Staff for Operations, Plans and Requirements Information Assurance in the 21st Century 1:30 Afternoon Building capabilities in cyber space Keynote • Information Assurance at NSA 1:45 Assuring information in the joint military space • Defending our networks • Robert “Scott” Jack II, SES, Air Force Senior Information Assurance Challenges • Officer, Office of Warfighter Integration and Chief Information Officer • Areas of emphasis Richard Schaeffer, Director, Information Assurance, National Cyber Security Strategy in the Years to Come 2:10 Afternoon 
Security Agency Combating the terrorist threat online • Keynote Assessing US readiness • NETWORKING BREAK Brig Gen Michelle Johnson, USAF, Deputy Director, Global 2:25 Effects and the War on Terrorism, The Joint Staff Providing Information Assurance in a Collaborative 2:55 NETWORKING BREAK 2:50 Environment Sharing assured information • Cyber Security Liabilities and Obligations 3:20 Maintaining information integrity • Losses and exposures due to hostile technology as significant • James Haas, Acting Deputy Associate Director of National liability issues Intelligence for IC Information Assurance When to and how to involve law enforcement in your data • breach crisis Assessing Cyber Security Readiness 3:35 William J. Cook, Partner, Wildman Harrold Allen & Dixon 19 point cyber assessment criteria • The best cyber assessment tools and methods • CERT Resiliency Engineering Framework 4:00 • Broadly applicable results Merging operational risk and resiliency management activities • Brian Isle, Chief of Operations, Adventium Labs Process improvement to enhance security • James Stevens, Senior Member of the Technical Staff, Software END OF CONFERENCE Engineering Institute 4:15 END OF DAY ONE 4:30 Register today by email: sherryl.jacobs@idga.org 2
  3. Network Defense Focus Day
     Monday May 18, 2009
     This in-depth and interactive Focus Day will examine the best practices and new research in:
       • Penetration Testing
       • Bot Detection
       • Software Assurance
     8:00 am – 8:30 am Registration & Coffee
     8:30 am – 10:30 am Deploy Secure Software
     Application Threats and Attacking the Root Cause
     This session will give an overview of the state of application threats, provide insights into the roots of the problem, and review how customers like the United States Air Force are using best practices for software assurance. Part of building a software assurance process in any organization is education. To ensure that we are deploying secure software, developers must follow best practices and must be aware of the latest security issues as they are developing code. In today’s constantly evolving security environment this can become a daunting task with new exploits hitting the internet on a regular basis. Automated tools are key to keeping up with the threats and improving the SDLC process provided that the information derived can be used to educate the users. Augmenting these tools with manual penetration testing can further enhance the applications software assurance. This presentation will dig into the state of manual and automated testing, discuss the pros and cons and drill down into the best practices and how they can be applied at all levels of the software development life cycle.
     What will be covered:
       • How hackers exploit flaws in applications
       • Pros and cons of automated and manual testing
       • How to improve security in the software development process
     How you will benefit:
       • Increase your awareness of security flaws in applications
       • Learn best practices to try in your own software development process
     Session Leader: Ray Lintner, Security and Compliance Specialist, Rational Software IBM
     10:30 am – 12:30 pm Keep Your Network Bot Free
     Enhancements to Large Scale Network Monitoring for Bot Detection
     The threats faced by contemporary networks, particularly the government's, cannot be fully addressed by automated intrusion detection approaches. Signature-based intrusion detection is necessarily focused on known attacks. Anomaly-based intrusion detection is designed for detecting the unusual, which may or may not correlate well with attack activity. The motivated attacker has a strong interest in subtlety. For the purposes of this presentation, we will focus on the collection of data appropriate to the identification of malicious network agents, specifically bots. The new data would include some application layer data, which by itself is not necessarily malicious, but when analyzed along with network traffic summaries, would permit a skilled analyst to identify novel bot agents that do not trigger existing IDS signatures.
     What will be covered:
       • Detecting the determined and skilled attacker
     How you will benefit:
       • Gain the skills to identify threats undetected by automated testing methods
     Session Leader: Markus De Shon, Senior Member of the Technical Staff, Software Engineering Institute
     12:30 pm – 1:30 pm Lunch will be served
     1:30 pm – 3:30 pm Secure Open Source Applications
     The Challenge of Software Assurance: Open Source, Foreign, and COTS Software in Today's Software Ecosystem
     Modern software assurance poses enormous challenges to both software developers and their client organizations. The good news is that there are significant recent developments in tooling and practices that are changing the game for developers, teams, and evaluators. Our workshop session: (1) identifies principal software assurance challenges in the modern software ecosystem, (2) examines best practices for software assurance, and (3) explores the details through case studies in tools, team practices, and assurance challenges from particular systems.
     What will be covered:
       • Software assurance, with a focus on cyber security, as applied to complex modern systems involving framework, libraries, open source components, custom code, etc
       • Emerging technologies and practices that can help to assure software, particularly software on modern multicore processors
       • Case studies on tools and on particular systems
     How you will benefit:
       • Gain an appreciation of the assurance challenges of the emerging modern software ecosystem
       • Develop an understanding of the emerging assurance techniques and practices both for development teams and for evaluators
       • An exposure to code-level knowledge of effective approaches to software assurance that can help produce better software
     Session Leaders: Tim Holloran, Director of Engineering, SureLogic
     3:30 pm – 5:30 pm Improve Your Testing Methods
     Lessons Learned From Red Team and Blue Team Training Exercises
     The Department of Energy Office of Electricity Delivery and Energy Reliability (DOE-OE) National SCADA Test Bed (NSTB) has developed a Red Team/Blue Team training exercise based on the assessments done on the Supervisory Control and Data Acquisition (SCADA) Energy Management Systems (EMS). The Idaho National Laboratory (INL) is part of the NSTB focusing on the vulnerability assessments for SCADA/EMS and control systems used in the energy sector. INL has performed 24 assessments for the NSTB including 7 field assessments. The cyber security assessments are done under cooperative research and development agreements with vendors and asset owners. These assessments require a multi discipline team including cyber security research involvement ranging from 275 hours for field assessment to 900 hours for in-lab assessment. The Red Team/Blue Team training exercise was developed from the experiences from these assessments.
     What will be covered:
       • INL's involvement in the NSTB program
       • Cyber security assessment for SCADA and control systems
       • Typical agenda for the Red Team/Blue Team training exercises
       • Outcomes of Red Team/Blue Team training exercises
     How you will benefit:
       • Gain insight into asset owner and vendor lessons learned
     Session Leaders: Rita Wells, Energy Sector Policy Lead, Critical Infrastructure Protection/Resilience, Idaho National Laboratory
  4. Cyber Security for Critical Infrastructure Focus Day
     Thursday, May 21, 2009
     This in-depth and interactive classroom style workshop day will examine best practices for securing process control systems and the electric power grid.
     8:00 am – 8:30 am Registration, Coffee & Opening Remarks
     8:30 am – 9:30 am Securing the New Energy Grid!
     Cyber Security in Renewable Energy Integration
     This presentation will present the unique challenges, as well as opportunities, in securing cyber operations in energy infrastructures that include renewable systems. Renewable energy will only become more prevalent in energy systems. Integration of these resources into the existing grid will require increased interconnectivity, and may eventually interface with smart grid technology. Interconnectivity and information control will occur at energy transmission and distribution levels. Cyber security will be required in design and application of these infrastructures to ensure reliability and safety in the future.
     What will be covered:
       • Unique challenges and opportunities
       • Integration and technology topics
     How you will benefit:
       • Gain an understanding of the unique challenges in securing renewable systems
       • Learn about future architectures used in renewable energy systems
     Session Leader: Dan Ton, Systems Integration Lead, Solar Energies Technology Program, Energy Efficiency and Renewable Energy, Department of Energy
     9:30 am – 10:30 am Mitigating the Risk to your Process Control System!
     Cyber Security for Process Control Systems: Risks and Mitigations
     Cyber security plays a critical role in process control systems and their ability to provide safe and reliable national critical infrastructure services. Understanding risk and the subsequent business and operational impacts can help in developing a path forward to securing operations that includes technology, plans, policies, standards, and guidelines. Critical infrastructure connectivity will only increase, but achieving secure operations without significant resources is possible with planning and solid application of technology and processes.
     What will be covered:
       • Characterization of risks to process control systems
       • Translation of these risks to business and operational impacts
     How you will benefit:
       • Learn how to mitigate your cyber risk
       • A path forward toward meeting security objectives and effective mitigations
     Session Leader: Annie L. McIntyre, Senior Member of Technical Staff, Energy Systems Analysis, Sandia National Laboratories
     10:30 am - 11:15 am Networking Break
     11:15 am - 12:15 am Eliminate Network Vulnerabilities!
     Cyber-security for Industrial Control Networks: An Overview of Vulnerabilities and Some Possible Solutions
     Many key segments of our modern industrial infrastructure are regulated by control signals which are distributed over computer based networks. During the past 20 years these networks have become increasingly vulnerable to electronic intrusion and they now pose a significant threat to our national security. This talk will present an overview of the vulnerabilities of these networks and some possible corrective measures.
     What will be covered:
       • SCADA networks and their vulnerabilities
       • Risk assessment for industrial control networks
       • Security-hardened field equipment
     How you will benefit:
       • Learn about hybrid intrusion detection approaches
       • Gain an understanding of communications protocol security enhancements
     Session Leader: Dr. James H. Graham, Henry Vogt Professor and Chair of Electrical and Computer Engineering, University of Louisville
     12:15 pm – 1:30 pm LUNCH
     1:30 pm – 2:30 pm Understand the Consequences of an Attack on the Electric Grid!
     Electric Power Consequence Modeling
     This presentation will help delegates understand the consequence associated with electric power disruptions to allow better risk decisions. It will cover identifying strategic risks, as well as developing and integrating protective measures utilizing MIT/Sandia developed consequence analysis method, produce a value tree that represents the consequences that are associated with losing physical system components.
     What will be covered:
       • Quantify consequences relevant to stakeholder's business/operational roles
       • Determine consequences of impacts in terms of stakeholder's business/operational roles
     How you will benefit:
       • Identify where mitigations could be implemented in order to lower consequences
     Session Leader: Bryan Richardson, Senior Member of Technical Staff, Sandia National Laboratories
     2:30 pm – 3:30 pm What are the Physical Consequences of a Cyber Attack?
     Impacts from Cyber Attack on Electric Power Grid Reliability
     A unique aspect of attempting to provide cyber security to a process control system is the possibility of a resulting physical consequence following a cyber intrusion. This session will present the findings of a recent study from Sandia National Laboratory that highlights the physical impacts of a cyber attack.
     What will be covered:
       • Quantitatively determine impacts to grid reliability caused by ongoing attacks leading to outages
     How you will benefit:
       • Determine benefits in terms of grid performance for potential cyber security investments that can reduce the probability of attack
     Session Leader: Jason E. Stamp, Ph.D., Principal Member of the Technical Staff, Sandia National Laboratories
     3:30 pm – 4:30 pm Interactive Panel Discussion
     All of the day’s speakers take audience questions and discuss the latest in critical infrastructure protection. This is your opportunity to exchange ideas with both the speakers and delegates in an open forum which facilitates creative and collaborative solutions.
     Panelists Include: Dan Ton, Department of Energy; Annie McIntyre, Sandia National Laboratory; Dr. James H. Graham, University of Louisville; Bryan Richardson, Sandia National Laboratory; James E. Stamp, Sandia National Laboratory
  5. Who Will Attend:
     IDGA’s 2nd Annual Cyber Security for National Defense will bring together the thought leaders and decision makers responsible for securing US cyber assets against the persistent and evolving cyber threat. The following job titles are just a few of the types of people you will meet:
       • Director of IT & Information Resource Management
       • Director, Future Operations
       • Chief Network Technology Architect
       • Chief Technology Officer
       • Chief Engineer
       • Chief, Network Lethality & Intelligence Systems
     Dear Colleague,
     Cyber attacks are quickly rising to the top of the nation’s security interests and for good reason. The consequences of a cyber attack are potentially massive with experts, such as Scott Borg, Director and Chief Economist of the US Cyber Consequences Unit, suggesting that the result of a coordinated cyber attack will cause damage equivalent to 40 or 50 large hurricanes striking an area at once. The aftermath of such an attack will be more severe than the Great Depression!
     Unfortunately, the cyber threat is not an abstract concept that will only need to be met in the future. As cyber attacks in Estonia, Georgia, and even here in the US have proven, the cyber war is upon us and we must be ready to meet its challenges.
     IDGA’s 2nd Annual Cyber Security for National Defense is a forum for decision makers, thought leaders, and cyber security professionals to come together and discuss:
       • Protecting America’s Critical Infrastructure
       • Developing a Unified Strategy for Defending Cyber Assets
       • Mapping out the Future Needs and Direction of America’s Cyber Security
     Join our distinguished lineup of speakers as we tackle community-wide issues in the cyber security field. Don’t delay – register today by sending an email to Sherryl Jacobs at sherryl.jacobs@idga.org or by calling 1-416-597-4710 or by faxing the registration form on the last page of the brochure to 416-598-7934.
     I look forward to meeting you in Washington in May!
     Very Respectfully,
     Timothy Sienrukos
     Program Director
     IDGA’s Cyber Security for National Defense
     P.S. Be sure to register for the Network Defense Focus Day: May 18, 2009. See page 3 for details!
     Here’s what attendees are saying about IDGA conferences:
       • Realistic transformational guidance and recognition of acquisition challenges! Allen Houlihan, Business Development, Raytheon
       • On target – Outstanding. Department Head, SATCOM
     Sponsorship and Exhibition Opportunities
     To learn more about these and other marketing opportunities, please phone Sherryl Jacobs at 1-416-597-4710 or via e-mail at sherryl.jacobs@idga.org. Feel free to request information about sponsoring our upcoming webinars and I will refer you to the appropriate department.
     Pricing
     Military, Government & Academia (Book & Pay by March 30 / Book & Pay by April 27 / Standard Price):
       • Pre-Conference Workshop Day (Mon-May/18): $500 / $500 / $500
       • Main Conference (Tues-Wed May 19-20): $799 / $899 / $999
       • Post-Conference Workshop Day (Thu May 21): $500 / $500 / $500
       • Superpass (all 4 days) - Best Deal!: $1,699 / $1,799 / $1,899
     Industry (Book & Pay by March 30 / Book & Pay by April 27 / Standard Price):
       • Pre-Conference Workshop Day (Mon-May/18): $650 / $650 / $650
       • Main Conference (Tues-Wed May 19-20): $1,299 / $1,399 / $1,499
       • Post-Conference Workshop Day (Thu May 21): $650 / $650 / $650
       • Superpass (all 4 days) - Best Deal!: $1,999 / $2,199 / $2,299
     Team Discounts* (Number of Attendees: Savings of):
       • 3 to 4: 10%
       • 5 or more: 15%
     * Discounts apply to registrations submitted together, at the same time. Cannot be combined with any other discount.
     MAKE CHECKS PAYABLE IN U.S. DOLLARS TO: IDGA
     A $99 processing charge will be assessed to all registrations not accompanied by credit card payment at the time of registration.
     * CT residents or people employed in the state of CT must add 6% sales tax.
     Details for making payment via EFT or wire transfer:
     JPMorgan Chase
     Penton Learning Systems LLC dba IQPC: 957-097239
     ABA/Routing #: 021000021
     Reference: Please include the name of the attendee(s) and the event number: 13553.002
     Payment Policy: Payment is due in full at the time of registration and includes lunches, refreshments, and detailed conference materials. Your registration will not be confirmed until payment is received and may be subject to cancellation.
     Please refer to www.idga.org/cancellation for cancellation, postponement and substitution policy.
     Venue and Lodging: Contact me directly for venue and lodging information.
     Special Dietary Needs: If you have a dietary restriction, please contact Sherryl Jacobs at 1-416-597-4710 to discuss your specific needs.
     ©2009 IDGA. All Rights Reserved. The format, design, content and arrangement of this brochure constitute a trademark of IDGA. Unauthorized reproduction will be actionable under the Lanham Act and common law principles.
  6. REGISTRATION CARD
     IDGA
     535 5th Avenue, 8th Floor
     New York, NY 10017
     ❑ Yes, please register me for the 2nd Annual
     ❑ Conference ONLY ❑ Network Defense Focus Day ❑ Critical Infrastructure Focus Day ❑ Superpass
     See Page 5 for pricing details.
     Your customer registration code is: TLS - SJ
     When registering, please provide the code above.
     Salutation/Rank ____ Name ____
     Job Title ____
     Unit/Division ____
     Organization ____
     Approving Manager ____
     Address ____
     City ____ State ____ Zip ____
     Phone ____ Fax ____
     E-mail ____
     ❑ Check enclosed for $____ (Payable to IDGA)
     ❑ Charge my __Amex __Visa __Mastercard __Diners Club
     Card # ____ Exp. Date ___/___
     ❑ Please keep me informed via email about this and other related events.
     3 EASY WAYS TO REGISTER:
       1 Secure Express by Phone: 1-416-597-4710
       2 Email-Alert: sherryl.jacobs@idga.org
       3 Fax: 1-416-598-7934
     13553.002D/AK
     See inside for strategies and tools to make your network airtight!
     presents its 2nd Annual:
     See page 3 for details!
     Combating asymmetric cyber attacks
     Network Defense Focus Day: May 18, 2009
     Washington, DC Area
     Main Conference Sessions: May 19 - 20, 2009
     Critical Infrastructure Focus Day: May 21, 2009

Sherryl Jacobs, 8 months ago
