Presented by
Hosted by
Welcome Remarks
Steve LeSueur, Contributing Editor, 1105 Government Information Group
Opening Keynote:
Creating Trusted Digital Infrastructures--Practical Enterprise Experience
Gil Vega, Associate CIO for Cybersecurity and Chief Information Security Officer, Department of Energy
A New Reality
Trusted Digital Infrastructure
Gil Vega, Associate CIO for Cybersecurity & Chief Information Security Officer
U.S. Department of Energy | Office of the Chief Information Officer
The Fading Reality
“If you protect your toothbrushes with the same zeal that you protect your diamonds, you’ll lose less toothbrushes
but more diamonds.”
– McGeorge Bundy
The New Reality
“Hear that Mr. Anderson? That is the sound of inevitability. That is the sound of your death. Goodbye,
Mr. Anderson,”
– Agent Smith “The Matrix”
Today...
• A little more background… why would you listen to me?
• Real Threats, Real Experiences…
• A CISO’s approach to…
• Leaving you with some thoughts…
The DOE is a nation-wide collection of nearly 100 national laboratories, production plants and
environmental clean-up sites
Operations Offices
Production/Cleanup
Laboratories
Field Offices
Site/Project Offices
Special Purpose Sites/Offices
Power Administrations
Service Business Center
ENERGY SCIENCE NUCLEAR SECURITY
DEPARTMENT OF ENERGY PROGRAM PORTFOLIO
“DOE has Nuclear Weapons information and responsibility for the Energy Grid… The United States’ military, economic and social fabric has
become inextricably dependent on an Information Technology infrastructure that is inherently
insecure. What is the most likely threat to U.S. with greatest impact on our way of life? WMD?...or
Cyber Attack?…”
-- Robert Osborn, DOE NNSA CIO
The Department of Energy is a government-owned contractor-operated (GOCO) enterprise.
National laboratories provide unique technical capabilities to the government that cannot be effectively met by industry, academia, or government in-house resources.
The GOCO model gives the national laboratories greater flexibility than most government organizations in operations, and in attracting and retaining a diverse and highly skilled technical workforce across a wide range of disciplines.
The national laboratories are the Department’s strong long-term partners, supporting the diverse research and development needs our missions demand.
Innovation
“[The DOE National Labs] are the crown jewels of American innovation,
which is also why they’re prime targets for hostile entities…”
-- Daniel B. Poneman, Deputy Secretary of Energy
Real Threats…
Script Kiddies
Cyber Criminals
Nation States
Real Experiences…
Oak Ridge National Lab
Pacific Northwest National Lab
Jefferson Lab
What did we learn…
“In a time of drastic change it is the learners who inherit the future. The
learned usually find themselves equipped to live in a world that no
longer exists.” – Eric Hoffer
Oh yeah, we did learn…
DOE CISO view…
• Risk Management Approach (RMA)
• DOE Joint Cybersecurity Coordination Center (JC3)
• DOE Cyber Sciences Laboratory (CSL)
• Cloud Transformation (RightPath)
• Leading Edge Initiatives, such as Supply Chain, E-RAMP
Parting thoughts...
• There’s danger in multi-level security environments
• Monitor events 24x7x365
• Accept that intrusions have occurred and will continue…
• Social engineering is a sure-bet even with great security
• Prepare … focus on quick detection … triage … containment
• Stay the course … slow and steady wins the race…
• Understand your mission and business areas … partnership
• Good Governance and appropriate policy really works…
• It’s about the data … it’s about the people (good or bad) who have access to your data
Wrap up…
Gil Vega, Chief Information Security Officer
U.S. Department of Energy | Office of the Chief Information Officer
The Science and Economy of Global Cyber
Resilience in Today's Threat Environment
Dr. Phyllis Schneck, Vice President and Chief Technology Officer, Global Public Sector, McAfee
Ask the Experts Discussion: Focus on Enterprise Risk Management -- From the Data Center to the Mobile Device
Steve LeSueur (Moderator), Contributing Editor, 1105 Government Information Group
Bob Kimball, CTO, Ciena Government Solutions
Rob Roy, Federal ESP Chief Technology Officer, Enterprise Security Products, Hewlett-Packard
Richard Towle, Director of Northeast Region, Federal Government, and Eastern Canada, FireMon
Closing Remarks
Steve LeSueur, Contributing Editor, 1105 Government Information Group