CyberScape Insider Threats

Event Date: March 02, 2023

Time: 8:00am - 12:00pm

Location:

Archer Hotel Tysons - 7599 Colshire Drive, Tysons, VA 22102

Meet and hear from the federal IT cybersecurity leaders shaping budget and policy priorities. Leaders from the White House, NASA and the Departments of Defense, State, Health and Human Services, Homeland Security and Veterans Affairs will all be in attendance. Our panel topics include Hybrid Cloud Security, Reducing Technical Debt for Stronger Defenses and Shadow IT. Grab breakfast with us and network with the federal cyber community.

Agenda

8:00am - 8:55am

Breakfast and Networking

Speakers / Panelists

8:55am - 9:00am

Welcome Remarks

Speakers / Panelists

Michael Hoffman President GovCIO Media & Research

9:00am - 9:30am

Panel: Reducing Technical Debt for Stronger Cyber Defenses with Zero Trust

Aging IT infrastructure presents numerous cybersecurity risks to federal agencies and also prohibits them from deploying effective security strategies. Hear from defense, health and civilian cyber leaders about how they’re addressing technical debt by balancing targeted IT modernization with popular security approaches such as zero trust to secure data in declining systems.

Speakers / Panelists

Aaron Bishop CISO Department of the Air Force
Jason Burt Cybersecurity Advisor CISA
Rob Wood CISO CMS
Felipe Fernandez CTO Fortinet Federal
Sarah Sybert (Moderator) Senior Researcher GovCIO Media & Research

9:35am - 10:05am

Panel: The Threat of Shadow IT

Poor user experience in cybersecurity leads to workarounds, weakened security controls and shadow IT (i.e., the use of IT services without departmental approval and without checking the proper security boxes, such as multi-factor authentication). Shadow IT opens up a broader attack surface to malicious cyber actors. In fast-paced work environments, federal employees need the right data at the right time to do their jobs without cybersecurity impeding the mission. This panel will explore the ways federal cyber leaders are working to improve the user experience with cybersecurity and reduce the threat of shadow IT.

Speakers / Panelists

Korie Seville Technical Director, Hosting and Compute Center DISA
Kenneth D. Rogers Office Director, Strategy, Planning and Budget Department of State
Scott Davis CISO CBP
Anastasia Obis (Moderator) Staff Writer/Researcher GovCIO Media & Research

10:05am - 10:15am

Coffee Break

Speakers / Panelists

10:15am - 10:45am

Panel: Addressing Hybrid Cloud Security Risks

More federal agencies are exploring hybrid cloud solutions to meet mission-specific needs. Balancing on-premise data centers and IT systems with commercial, software-defined cloud solutions can present tricky cybersecurity challenges and unique security risks. This panel will discuss how to balance cybersecurity responsibilities with vendors and cloud strategies such as environment-as-code and zero trust for mitigating hybrid cloud vulnerabilities effectively.

Speakers / Panelists

Stacy Bostjanic Chief Defense Industrial Base Cybersecurity, OCIO DOD
Chief Architect and Security Strategist, Public Sector Red Hat
Joseph Fourcade Lead Cybersecurity Analyst ESCO VA
Amy Kluber (Moderator) Editor-in-Chief GovCIO Media & Research

10:50am - 11:30am

Fireside Chat: Evolving Cyber Priorities

The threat landscape is constantly changing along with the fast pace of technology, and federal agencies need to be primed and ready to respond to all threats, including those from within. The ongoing federal zero trust approach is one component to getting there.

Speakers / Panelists

Anjana Rajan Assistant National Cyber Director for Technology Security The White House
Kate Macri Deputy Editor GovCIO Media & Research

11:15am - 11:45am

Flywheel Awards Presentation

We’ll present the Flywheel Awards to recognize leaders and their work in federal government.

The flywheel — a critical component in a machine to increase its momentum — is also a critical symbol representing our publication’s goal to keep federal IT decision-makers informed on technology’s impact on government. This momentum is what fuels the constant need for transformers to innovate in federal technology and communicate those strategies across the industry.

Speakers / Panelists

Cyber Defender Stacy Bostjanic Chief Defense Industrial Base Cybersecurity DOD
Cyber Defender Lynette Sherrill Deputy Assistant Secretary of Information Security & CISO Department of Veterans Affairs
Cybersecurity Rising Star Korie Seville Technical Director, Hosting and Compute Center DISA
Zero Trust Advocate Gerald Caron CIO/Assistant Inspector General for IT HHS OIG

Speakers

Aaron Bishop CISO, Department of the Air Force
Aaron Bishop
- CISO
- Department of the Air Force
James “Aaron” Bishop, a member of the Senior Executive Service, is the Chief Information Security Officer (CISO) for the Department of the Air Force, comprised of the U.S. Air Force and the U.S. Space Force. As CISO, he is responsible for advising the Chief Information Officer and senior officials on cybersecurity policy, cybersecurity programs and cyber force development in the department. He leads a Directorate comprised of military, civilian and contractor personnel responsible for developing cybersecurity policy and strategy for over 5,000 Air Force information technology systems. He oversees risk management and cybersecurity accountability for information systems, weapon systems and operational technology supporting military cyberspace operations. His portfolio includes policy and governance of the defense industrial base, cyber supply chain risk management, compliance and cybersecurity capabilities. He has oversight for the Freedom of Information Act, Privacy Act laws and cryptographic modernization supporting cyber operations for the department.
Stacy Bostjanic Chief Defense Industrial Base Cybersecurity, OCIO, DOD
Stacy Bostjanic
- Chief Defense Industrial Base Cybersecurity, OCIO
- DOD
Chief Information Officer. In this position, she serves as the focal point within the DoD CIO to implement the Cybersecurity Maturity Model Certification (CMMC) program across the Defense Industrial Base(DIB).

As the CMMC Director, Ms. Bostjanick is responsible for sheparding this critical program though the Code of Federal Regulation System rulemaking process for both the CFR 32 and 48 and ultimately implementing the program across the more than 220,000 companies that make up the DIB. This includes collaborating across the Federal Government with partners such as the Department of Homeland Security and the other members of the Federal Acquisition Security Council, to standardize this process and truly federalize it. In this role, she also directs the Department’s efforts to educate DIB partners on programmatic requirements and ensures that DoD implements risk information sharing though the program’s execution. Additionally, Ms. Bostjanick is responsible for ensuring the Defense Acquisition community is trained and capable of including these requirements in their Programs and Acquisitions.

Prior to joining the CIO, Ms. Bostjanick served as the Director of SCRM for OCISO(A&S), where she was responsible for ensuring the incorporation of integrated supply chain efforts within USD(A&S). Ms. Bostjanick has an extensive career as an Acquisition Professional with roles that include the head of DIA’s Contracting Activity, and the Senior Contracting Officer for the Missile Defense Agency on the Standard Missile 3 Block IA and IB development and production program. She was responsible for cradle-to-grave execution of over $5 billion of highly-complex, cutting-edge contracts for our nation’s missile defense systems. Ms. Bostjanick has also served as the Deputy Procurement Executive with the Office of the Director of National Intelligence where she had responsibility for establishing Intelligence Community Enterprise-wide Policy and submissions to the Program Management Plan on an annual basis.

Ms. Bostjanick has had numerous awards and accomplishments throughout her career including the Naval Meritorious Civilian Service Award, David Packard Excellence in Acquisition Award, Office of the Secretary of Defense Certificate of Appreciation, the Director of National Intelligence Award for Collaboration Leadership, National Intelligence Meritorious Citation, and the Small Business Award.
Jason Burt Cybersecurity Advisor, CISA
Jason Burt
- Cybersecurity Advisor
- CISA
Jason Burt is a Cyber Security Advisor (CSA) with the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency(CISA) assigned to Federal Region IV. CISA is the Nation’s risk advisor. The Agency protects the Nation’s critical infrastructure from physical and cyber threats by working with partners to defend against today’s threats and collaborating to build a more secure and resilient infrastructure for the future. CSAs are the front-facing cyber experts supporting regional operations capabilities. Mr. Burt serves as the liaison and focal point for communications, coordination, and outreach. He promotes cyber preparedness and resiliency, incident response, risk mitigation and situational awareness, and manages major cyber engagements; championing cyber resilience to public and private sector partners. Region IV encompasses eight states, including Mississippi, Alabama, Florida, Georgia, North Carolina, South Carolina, Tennessee, and Kentucky. Mr. Burt has been with the Department for nine years. Prior to becoming a CSA, he held positions as a Senior Watch Officer for CISA’s National Cyber Protection System (NCPS) Network Operation Center (NOC), as well as serving as a Network and Systems Administrator for the Department of Veterans Affairs. Additionally, Mr. Burt is also a retired Air Force Cyber Intelligence Officer. In this role, he provided direct support to Air Force Cyber Protection Teams tasked with defending key Air Force assets and resources against cyber threats.
Scott Davis CISO, CBP
Scott Davis
- CISO
- CBP
Scott Davis joined the U.S. Customs and Border Protection (CBP) Office of Information and Technology (OIT) as the Deputy Chief Information Security Officer (CISO) and Chief Security Architect in May 2020. Prior to joining CBP, Scott was the Deputy CISO for the Department of Labor from January 2018 May 2020. He has an extensive and diverse background in military, public, and private sectors with critical infrastructure security and information systems. Scott served for more than 20 years in the U.S. Air Force and has held roles in information systems security and systems engineering with the Department of Homeland Security (DHS) and as the Region Command Information Officer at the U.S. Department of the Navy. He has worked for the National Reconnaissance Office as a Flight Chief of Information Systems and Superintendent for the Communications Operations Squadron. He also worked for Booz Allen Hamilton as a Lead Project Manager and IT Lead.

As the Acting CISO at OIT, Scott provides cybersecurity expertise to ensure OIT technology services are provided in the most secure manner possible in support of the CBP mission. He recently developed the CBP FY22-24 Cybersecurity Strategy which will guide improvements to enhance the security of CBP information systems and the data processed, contained, and distributed by those systems.

Previously he managed and measured cybersecurity risks of the Department of Labor’s IT assets through the Identity and Access Management program by providing credentialed access to network accounts and supervising privileged user accounts. He integrated a Simplified Sign-on (SSO) system for 24 major applications, including three enterprise-wide solutions, reducing the need for multiple passwords, and fortified cybersecurity for the Department’s networks and systems through the use of the Continuous Diagnostics and Mitigation program, while overcoming a 38% Federal staffing shortage.

Scott earned a Bachelor of Science in Information Systems Management and Security Administration from Strayer University, and a Master of Business Administration from Liberty University.
Michael Epley Chief Architect and Security Strategist, Public Sector, Red Hat
Michael Epley
- Chief Architect and Security Strategist, Public Sector
- Red Hat
Michael Epley has been helping the US defense and National Security communities use and adopt open source software over the last 2 decades with practical experience as a software developer and enterprise architect. During his tenure at Red Hat, Michael has passionately driven adoption of key technology: cloud and kubernetes, tactical edge/forward deployed systems, data analytics tools and platforms, and disconnected operations — always in the context of security and compliance concerns unique to this sector. Michael has BS degrees in Mathematics and Mechanical Engineering from Virginia Tech and a JD from The University of Texas School of Law.
Felipe Fernandez CTO, Fortinet Federal
Felipe Fernandez
- CTO
- Fortinet Federal
Felipe Fernandez is the CTO at Fortinet Federal, a U.S. next-generation cyber security solution vendor that provides real-time threat detection and prevention. In addition to his role as a team manager, Felipe also oversees the US Federal product strategy and certification process at Fortinet Federal, such as the DoDIN APL and NSACSfC. Felipe has more than 21 years of experience in consulting, deploying, operating, and auditing security solutions in DoD and the private sector.
Joe Foster Cloud Computing Program Manager, NASA
Joe Foster
- Cloud Computing Program Manager
- NASA
Joe Foster joined NASA’s Goddard Space Flight Center as the Cloud Computing Program Manager in September 2018. He designed and built the Agency’s Mission Cloud Platform (MCP), achieving an Authorization To Operate (ATO) at a Moderate Security Level in only 10 months. Since the ATO, MCP has grown rapidly to now supporting almost 160 projects across all 10 NASA centers and still growing. For his work on MCP and thought leadership in the Federal space around Cloud Computing, Foster has won numerous awards including the 2020 Robert H Goddard Award, the 2021 NASA Agency Honors Award, and the 2021 Association for Federal Information Resources Management (AFFIRM) Leadership in Cloud Computing award winner.

Foster previously served as an IT Program Manager and Data Scientist with the National Geospatial-Intelligence Agency (NGA) from 2010–2018, where he migrated 60 separate activities from on-premises data centers to the cloud, spearheaded the adoption of the DevOps Pipeline, and conceptualized the system being used by the Agency to plan and track the cloud migration of 650+ applications. He served on NGA’s Cloud Leadership Team, Cloud Adoption Management Group, and DevOps Council, as well as two Intelligence Community-wide Cloud forums, the Intelligence Community IT Enterprise (ICITE) steering committee, and the ICITE Mission Users Group Forum. Foster also served in the U.S. Department of Homeland Security (DHS), the Nuclear Regulatory Commission (NRC), and as a private sector consultant. Foster is a U.S. Army Combat veteran who served as a Chemical, Biological, Radiological, Nuclear, and Explosives (CBRNE) Engineer from 1998–2005.
Joseph Fourcade Lead Cybersecurity Analyst, Enterprise Cloud Solutions Office, Office of Information and Technology, VA
Joseph Fourcade
- Lead Cybersecurity Analyst, Enterprise Cloud Solutions Office, Office of Information and Technology
- VA
Joseph Fourcade is a Lead Cybersecurity Analyst with the Enterprise Cloud Solutions Office, Department of Veterans Affairs. He received his Associates from United States Air Force, B.S from Nova Southeastern and his Masters from University of Phoenix. He has worked over 30 years of federal service with over 20 years working for VA and after being honorably discharged from the United States Air Force in 2001 after 10 years of service. Work History during his career listed the Miami VA Medical Center for 8 years In Office of Information Technology and the West Palm Beach VA Medical Center as an ISSO Information Security office.The time as an Information System Security Officer received awards for outstanding customer and college support multiple times for providing understanding of providing security is not a stopper but a path to work together attitude. The support of the enterprise through ECSO security consist of always working with clients to ensure the understanding of cloud adoption and what security cloud provides to the enterprise for applications through fedramp support. In his current position has been recognized for his knowledge and support with all efforts for Security of the cloud for VA.
Anjana Rajan Assistant National Cyber Director for Technology Security, The White House
Anjana Rajan
- Assistant National Cyber Director for Technology Security
- The White House
Anjana Rajan currently serves as the Assistant National Cyber Director for Technology Security at The White House. A renowned cryptographer, technology executive, and entrepreneur, Rajan has spent her career working at the nexus of national security and human rights. Prior to joining the White House, she was the first Chief Technology Officer of Polaris, the largest anti-human trafficking NGO in the United States. In this role, she architected Polaris’s web3 & human rights vision and built a proactive security strategy to defend the organization against foreign malign influence operations and violent extremist threats.

Previously, Anjana was a Tech Policy Fellow at the Aspen Institute, was a former Y Combinator founder, led open-source development of advanced cryptographic libraries, and worked at Palantir Technologies. She was a Knight Scholar at Cornell University’s Engineering School and received her bachelor’s and master’s degrees in Operations Research Engineering.
Kenneth D. Rogers Office Director, Strategy, Planning and Budget, Department of State
Kenneth D. Rogers
- Office Director, Strategy, Planning and Budget
- Department of State
Ken Rogers is a member of the Senior Executive Service (SES) and provides executive leadership for IT strategic planning, policy, portfolio and performance management, and budget formulation and execution including the use of various working capital funds associated with the Department’s $2.97B global IT portfolio. This IT portfolio supports a 76K person workforce operating in over 300 locations around the world.

Mr. Roger’s public sector career included serving as the State Department Chair at the Department of Defense, National Defense University, College of Information & Cyberspace. He also served as the Chief Information Officer at the Department of Homeland Security’s Science & Technology Directorate and has held leadership positions as the Chief Architect and Strategist at the U.S. Department of Commerce and the Export Import Bank.

His private sector experience includes financial management, government relations, and information systems management in the banking and aerospace industries, and as an international economic and management consultant supporting USAID.
Peter Romness Cybersecurity Principal, CISO Advisor's Office, Cisco
Peter Romness
- Cybersecurity Principal, CISO Advisor's Office
- Cisco
Peter Romness is a Cybersecurity Principal for CISO Advisors at Cisco Systems. For over 30 years, he has been devoted to helping government and education organizations securely accomplish their goals. He is honored to be able to help leaders understand and implement the latest cyber strategies to defend against threats, maintain individuals’ privacy, protect sensitive information, and secure government intellectual property.

Peter brings Cisco’s advanced cybersecurity solutions to departments and agencies at Federal, State, and Local Governments, and Educational Institutions. He works with NIST and the National Cybersecurity Center of Excellence (NCCoE) and has contributed to their 1800-Series Special Publications. Peter helps the broader IT community understand the very latest cyber capabilities and risk mitigation methods to effectively address cyber threats. His technical background and passion for clearly conveying high-tech topics allows him to explain advanced concepts to all audiences from engineer to business leader.

Prior to Cisco Systems, Peter held leadership positions at Hewlett-Packard, AT&T and Panasonic. He holds a degree in Mechanical Engineering from Duke University.
Korie Seville Technical Director, Hosting and Compute Center, DISA
Korie Seville
- Technical Director, Hosting and Compute Center
- DISA
Mr. Korie Seville serves as the Defense Information Systems Agency’s (DISA) Hosting and Compute Center (HaCC) Technical Director. In this role, Mr. Seville is responsible for the strategic technical direction of various DISA HaCC data center and cloud initiatives, including the Joint Warfighting Cloud Capability (JWCC) and Zero Trust.

Prior to becoming the Technical Director, Mr. Seville was the HaCC’s cloud infrastructure architect. As a member of the HaCC, he was responsible for architecting and integrating commercial cloud hosted solutions into the DoD network infrastructure.

Before joining the HaCC, Mr. Seville was an infrastructure architect for the Cloud Computing Program Office (CCPO) providing support to critical cloud enabling projects to include the Cloud Layered Obfuscation Application Kit, Global Directory, Azure Hosting Infrastructure, and the Commercial Virtual Remote (CVR) environment, which brought Microsoft 365 to over a million Department of Defense employees during the global pandemic. Also, Mr. Seville received a Bachelor of Computer Science from the Shippensburg University of Pennsylvania