- This event has passed.
National Security Technology Conference 2020
November 19, 2020 @ 8:15 am - 12:00 pm ESTComplimentary ISACA GWDC Members, $60 Other ISACA Members and Non-Members
Join us for the Virtual National Security Technology Conference 2020 on November 19th. Information system confidentiality, integrity and accessibility of national security and defense agencies are paramount to advance our Nation’s interests. Join us at the National Security Information Technology Conference to learn about initiatives from select agencies that have been demonstrating being efficient and effective custodians of taxpayer resources.
In light of the ongoing pandemic, this event is being held as a virtual Zoom meeting.
- 8:15 to 8:25 AM: Conference Introduction
- 8:25 to 9:00 AM: National Security Agency's Cybersecurity Information on Compromised Personal Network Indicators and Mitigations
- 9:00 to 10:00 AM: Department of Homeland Security’s Risk Management and Internal Control Program
- 10:00 to 11:00 AM: Department of the Air Force's Memorandum on Cyber Security and Resiliency Information for Small Businesses
- 11:00 to 12:00 PM: Government Accountability Office's Cyber National Security Reports
National Security Technology Conference 2020 - Learning Objectives:
- Learn about information technology matters pertaining to operations of national security and defense agencies.
- Understand leading practices being applied or recommended by the national security and defense organizations.
- Obtain insights that are relevant and applicable for organizations of attendees.
Department of Homeland Security’s Risk Management and Internal Control Program
Presented by Alyssa Smiley (Department of Homeland Security)
As the Department of Homeland Security (DHS) continues to strive towards a federally mandated clean opinion for internal controls over financial reporting, this session will walk through the challenges, achievements, framework, and enhancements that DHS has faced and implemented along the way. Discover how DHS has designed an approach to the Department’s risk management and internal control program for financial reporting systems to span numerous Component agencies, an average annual budget of over $80B, nearly 100 financial support systems, and an ever-changing control environment. With increased focus and attention on data and information produced by the entity as well as service provider monitoring, DHS continues to make adjustments to refine processes and approach, but like all agencies, is faced with limitations and legacy applications that add to the hurdles encountered on its journey to a clean opinion.
National Security Agency's Cybersecurity Information on Compromised Personal Network Indicators and Mitigations
Presented by Nick Gengo (National Security Agency) and Trey Hoffman (National Security Agency)
As teleworking increases for government workers, the National Security Agency issued Cybersecurity Information to provide guidance to users who have received authorization to connect Government Furnished Equipment (GFE) to personal networks. The Cybersecurity Information describes potential indicators of compromise and mitigation practices that can be used to minimize damage if the network is believed to be compromised. Mr. Nick Gengo and Mr. Trey Hoffman of the National Security Agency will provide more details on this guidance. The Cybersecurity Information may be found at Compromised Personal Network Indicators and Mitigations.
Department of the Air Force's Memorandum on Cyber Security and Resiliency Information for Small Businesses
Presented by Wanda Jones-Heath (Department of the Air Force)
The Department of the Air Force issued a memorandum on September 2020 to clarify Cybersecurity requirements for Small Businesses. According to the memo, its intent is to provide information to help Small Business frame their Cybersecurity approach to meet the cybersecurity and resiliency objectives of the Air Force. Join Ms. Wanda Jones-Heath, the Air Force's Chief Information Security Officer, as she expounds on the requirements and details of the memorandum. The memorandum may be found at DAF Memorandum Cyber Security and Resiliency Information for Small Businesses.
Government Accountability Office's Cyber National Security Reports
Presented by Brian Mazanec (Government Accountability Office) and Nick Marinos (Government Accountability Office)
The GAO recently published the following reports related to federal efforts to protect the cybersecurity and national security of the nation against evolving threats:
- CYBERSECURITY: Clarity of Leadership Urgently Needed to Fully Implement the National Strategy
- NATIONAL SECURITY: Additional Actions Needed to Ensure Effectiveness of 5G Strategy
- CYBER DIPLOMACY: State Has Not Involved Relevant Federal Agencies in the Development of Its Plan to Establish the Cyberspace Security and Emerging Technologies Bureau
Mr. Nick Marinos and Mr. Brian Mazanec of the GAO will provide overviews and insights on these reports.
MEET THE PRESENTERS
Acting Director, Risk Management and Assurance
Office of the Chief Financial Officer, Department of Homeland Security
Alyssa Smiley is the Acting Director for the Risk Management and Assurance division at the Department of Homeland Security. Since joining DHS Headquarters in 2016, Alyssa has assisted in developing a robust, risk based information technology assurance program that continues to be used by the Department to strengthen its IT security controls and is working to expand to provide enhanced coverage over application controls, data management, and information produced by the entity. Prior to joining DHS Headquarters, Alyssa supported Immigration and Customs Enforcement (ICE) within DHS.
Chief Information Security Officer, United States Air Force
Wanda Jones-Heath is the Chief Information Security Officer, Office of Information Deputy Chief Information Officer, Office of the Security of the Air Force, the Pentagon, Arlington, Virginia. She leads a division comprised of military, civilian and contractor personnel responsible for developing Air Force Cybersecurity policy and strategy for more than 5,000 Air Force Information Technology systems. She also manages the Air Force’s transition to the Risk Management Framework and provides oversight for the Freedom of Information Act and Privacy Act laws. Ms. Jones-Heath manages oversight for the protect portfolio including operating system lifecycle management and capabilities for the Comply to Connect program. She delivers cryptographic modernization across the Air Force, implementing the enterprise-wide cross domain solution and cryptographic information technology standards.
Ms. Jones-Heath graduated from the University of South Carolina in 1990 with a degree in Computer Science. She began her Civil Service career as a Palace Acquire Intern as an Information Systems Specialist in various functional areas. She moved to Headquarters Air Combat Command, Langley Air Force Base, Virginia, in 1993. There she held positions responsible for policy and guidance for security and network systems. Prior to arriving at the Headquarters Air Force staff, Ms. Jones-Heath was the Program Manager, Defense Information Systems Agency. Ms. Jones-Heath led the effort to establish a DoD Mobile capability to include infrastructure. Her joint experience includes working in various positions at Ramstein Air Base, Germany.
Director, Defense Capabilities and Management Team
Government Accountability Office
Brian Manzanec oversees GAO's work on intelligence community management, personnel security clearances, artificial intelligence, sensitive activities, space policy/operations, and other emerging warfare issues. Prior to his current position, Brian worked as an Acting Director in GAO’s International Affairs and Trade team. He led work on intelligence and counterintelligence, counterterrorism, building foreign partner capacity, cybersecurity, and foreign military financing and sales. Brian joined GAO in July 2009. Brian earned a Ph.D. in International Security from George Mason University. He also has a master’s degree in Defense and Strategic Studies from Missouri State University and a bachelor’s degree in Political Science from the University of Richmond.
Director, Information Technology and Cybersecurity Team
Government Accountability Office
Nick Marinos leads GAO's audit teams that perform government-wide and agency-specific reviews in the areas of cybersecurity, critical infrastructure, privacy, and data protection across all major federal agencies. Nick also leads GAO’s ongoing evaluation of the Census Bureau’s efforts to implement and protect IT systems critical to the 2020 Census.
Nick joined GAO in 2002. During his career at GAO, Nick has led major reviews of:
- Efforts by the executive branch to implement the National Cyber Strategy
- Cybersecurity risk management practices at major federal agencies
- Data protection practices at the Centers for Medicare and Medicaid Services and Federal Student Aid office
- The response by Equifax and federal agencies to the 2017 data breach
- Cybersecurity of critical infrastructure, including within the financial services sector, the nation’s electricity grid, and oil and gas pipeline sectors
Nick earned an MBA in information systems and technology and a bachelor’s degree in business information technology, both from Virginia Tech. He serves on the Virginia Tech MBA and BIT advisory boards at the Pamplin College of Business. As one of GAO’s leading experts, Nick is also frequently invited to speak on a range of cybersecurity topics. Nick is a certified information privacy professional.
ISACA Members: Complimentary registration as part of membership. Not a member? Become one today!
Conference presentations are posted to the Presentations Library if permission is received from the presenter and their organization. In some cases, permission is not received.
Sponsor this Event
Earn up to 3.5 Continuing Professional Education (CPE) credits in the area of Specialized Knowledge. The ISACA® NCAC is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: http://www.learningmarket.org.
CPE Distribution and Evaluation Survey
CPE's will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event by answering each survey question during and between topics to receive full CPE credit.
- Prerequisites and Advance Preparation: N/A
- Program Knowledge Level: Basic to Advanced
- Delivery Method: Virtual
Kenneth joined ISACA in 2013 and presently serves as the GWDC Communications Director. He holds the CISM, CISA, PMP, CIPP/G, and AWS CCP.