Conference

API Cybersecurity Conference & Expo 2017

Tuesday, November 7, 2017 to Wednesday, November 8, 2017

The energy industry, including oil and natural gas, is ranked 2nd highest of all industries most likely to suffer a cyber attack. This conference is organized by API to provide an opportunity to network with cybersecurity professionals, and to candidly discuss challenges and share solutions. These sessions, essential to cybersecurity, are chosen and presented by recognized experts in the field.

Dave Weitzel and Julie Snyder, Cybersecurity Engineers at the NCCoE, and Josephine Long of the US Coast Guard will be speaking about Industry/Government Partnership: Cybersecurity through Development of a NIST CSF Profile with US Coast Guard during the session entitled NIST Cybersecurity Framework: Use & Deployment on Tuesday, November 7th at 10:40am.

CyberMaryland 2017

Wednesday, October 11, 2017 to Thursday, October 12, 2017

MITRE’s Zach Furness, Acting Technical Director at the National Cybersecurity FFRDC, which operates the NCCoE, will be participating in a panel at this year’s Cyber Maryland at the Baltimore Convention Center. The panel is entitled, Academic Catalysts in the Local, National, and International Cybersecurity Ecosystems and Agendas and begins at 11:00 am on October 12th.

The CyberMaryland Conference is an annual two-day event presented by the Federal Business Council (FBC) in conjunction with academia, government and private industry organizations. The theme, “Leading the Cyber Generation,” captures the event’s intent to provide unparalleled information sharing and networking opportunities for development of cyber assets on both the human and technological side. Additionally, the conference provides an opportunity for Maryland to demonstrate its natural leadership in Cyber Security.

4th Annual Industrial Control Cyber Security USA Summit

Tuesday, October 3, 2017 to Wednesday, October 4, 2017

David Weitzel, cybersecurity engineer at the National Cybersecurity Center of Excellence (NCCoE), will be presenting a session entitled The NCCOE Approach to Situational Awareness on October 4th from 11:30am-12:00pm at this year’s 4th Annual Industrial Control Cybersecurity USA meeting.

Cyber Senate will meet this year in Sacramento, CA to bring key stakeholders together to address our responsibility in ensuring the safety, reliability and stability of our Critical National Infrastructure. Key topics of discussion will pivot on the convergence of operational and information technology transformation, design, implementation, integration and risks associated with enterprise facing architecture.

Mr. Weitzel’s presentation will discuss the NCCoE’s example solution that can be used by electric sector companies to alert their staff to potential or actual cyber attacks directed at the grid.

Safeguarding Health Information: Building Assurance through HIPAA Security Conference

Tuesday, September 5, 2017 to Wednesday, September 6, 2017

NIST and the Department of Health and Human Services (HHS), Office for Civil Rights (OCR) are co-hosting the 10th annual conference, Safeguarding Health Information: Building Assurance through HIPAA Security, at the Hyatt Regency, Washington, D.C. The conference will explore the current healthcare cybersecurity landscape and the (HIPAA) Security Rule. The NCCoE will provide updates on its Healthcare sector projects in two presentations. 

On September 5 from 1:45-2:45pm, NCCoE Acting Deputy Director, Tim McBride, along with NIST's Matt Barrett (Cybersecurity Framework) and Rodney Petersen (National Initiative for Cybersecurity Education), will be giving updates on healthcare related NISt projects.  and Lead Engineer Sue Wang will be participating in a panel. On September 6 from 10:15-11:15am, NCCoE Cybersecurity Engineer Sue Wang will participate on the panel "Securing Medical Devices and the Internet of Things in the Healthcare Space."

FCW Cybersecurity Summit

Wednesday, August 9, 2017

NCCoE Acting Deputy Director Tim McBride will participate in the panel discussion "Continuous Diagnostics and Mitigation – Fortifying Government" from 10:30am-11:10am at FCW's Cybersecurity Summit in Washington, DC. This session will discuss strategies for leveraging the full capabilities of CDM as part of an agency’s broader cyber strategy.

RSA Charge 2017

Tuesday, October 17, 2017 to Thursday, October 19, 2017

Senior Cybersecurity Engineer Bill Newhouse will participate in a panel on "Build Omni-channel Fraud Strategies with Deep Entity Profiling & Automation" at RSA Charge on Wednesday, October 18, 2017 from 2:30pm to 3:15pm. The panel will discuss best practices to leverage these technologies to mitigate fraud more effectively while reducing end-user friction and operational costs and enabling omni-channel business growth.

Moderator:
Yael Gour, Product Marketing, RSA

Panelists:
Daniel Cohen, Director of Product Management, Fraud & Risk Intelligence, RSA
Gregg Sansone, Director, Decision Science Design, USAA
Bill Newhouse, Senior Cybersecurity Engineer, National Cybersecurity Center of Excellence and Deputy Director, National Initiative for Cybersecurity Education

Mobility Summit

Tuesday, July 18, 2017

NCCoE Security Engineer Joshua Franklin will participate in a panel discussion titled "A Defense-in-Depth Approach to Mobile Security" from 11:30am to 12:10pm. This session will explore the different dimensions of mobile security and how they must be managed in a comprehensive approach. Topics include mobile device management, authentication strategies, and the mobile threat landscape. The Mobility Summit will be held in Washington, D.C. and will provide federal IT leaders with insights into the foundations of the mobile ecosystem: Productivity tools, apps, devices, management strategies, and defense-in-depth cybersecurity.

GridSecCon 2017

Tuesday, October 17, 2017 to Thursday, October 19, 2017

NCCoE Security Engineer Jim McCarthy will lead the session titled "Convergence of Cybersecurity Situational Awareness Capabilities for the Energy Sector" at GridSecCon 2017 in St. Paul, MN. NCCoE engineers alongside former Department of Energy CTO Pete Tseronis, Eric Andersen and Mark Rice of Pacific Northwest National Laboratory  (PNNL), and Mary-Ann Ibeziako and Don Hill of University of Maryland College Park, Engineering and Energy, will share their expertise on Situational Awareness and discuss the recently NIST Special Publication 1800-7 that uses commercially available products to explore the methods for energy providers to more readily detect and remediate anomalous conditions and investigate the chain of events that led to the anomalies.

NERC’s annual Grid Security Conference (GridSecCon) series brings together cybersecurity and physical security experts from industry and government to share emerging security trends, policy advancements, and lessons learned related to the electricity sub-sector. 

PCI North America Community Meeting

Wednesday, September 13, 2017

Authenticating users in card not present (CNP) transactions continues to be a challenge for e-commerce payments. In this session "No Card? No Problem" NCCoE's Deputy Program Manager Brian Abe and Orvis' Head of IT Security, Compliance and Risk Management Tyson Martin will discuss approaches being developed by the NCCoE in conjunction with industry partners to implement multifactor authentication to address these challenges and implement stronger authentication mechanisms to ensure a customer is authorized to use a credit card for e-commerce transactions. The NCCoE example implementation will introduce multifactor authentication that ties to existing web analytics and contextual risk calculation to reduce the risk of false online identification and authentication fraud.

FS-ISAC 2017 Fall Summit

Sunday, October 1, 2017 to Wednesday, October 4, 2017

NCCoE Senior Engineer Harry Perper will present "Ransomware Recovery and Privileged Account Management Improve Resilience" on October 4 from 1:45pm to 2:30pm at the FS-ISAC Fall Summit in Baltimore, Md. Malware and insider threat actors often make use of privileged accounts to enable their activities. Recovery from ransomware is complicated by the lack of consistent and protected file and system back-ups. And access rights policies are difficult to enforce using manual processes. This session will explore  the NCCoE's research and projects related to Data Integrity (ransomware recovery), Access Rights Management, and Privileged Account Management.