Proceedings: Open Cybersecurity Summit 2012

Proceedings: Open Cybersecurity Summit 2012

Last fall the Bryant Group led the production of the first annual Open Cybersecurity Summit.

The event was underwritten by the Department of Homeland Security Science and Technology Division (DHS S&T), Cybersecurity Division and delivered by Georgia Tech Research Institute (GTRI), the Homeland Open Security Technology program (HOST). The HOST program was created to explore, invest in and share potential solutions developed and distributed as open source software tools and applications.

The proceedings have been available to attendees for some time, but are public and available to any interested parties.  It was a first of a kind event so far as we know, with an emphasis on the use of Open Source Software tools and applications as well as related best practices in the Cybersecurity space. You can download the full DC Summit Proceedings 2012, or visit the archived conference site.

We expect the next summit to be announced later this spring.

summit

Summit Agenda

Morning

8:00 a.m. | Registration

9:00 a.m. | Summit Welcome

Keynote: “Crowds, Clouds, and Spies”

Speaker: Stewart A. Baker, former DHS Assistant Secretary for Policy, author and partner at
Steptoe & Johnson LLP

10:00 to 10:30 a.m. | General Session

“OWASP – The World’s Largest Open Source Web Application Security Project”

Speaker: Dave Wichers, Open Web Application Security (OWASP) board member and
COO and Co-founder, Aspect Security Inc.

10:30 – 10:45 a.m. | Break & Poster Sessions

10:45 a.m. – noon | Panel “Open Source and Cybersecurity: Building Trust and
Interoperability”

• Panelists: Matthew Scholl, Deputy Division Chief, Computer Security Division and
Associate Director of Operations for the NIST National Cybersecurity Center of
Excellence.
• Luke Berndt, Program Manager, Department of Homeland Security, Science and
Technology (S&T) Division
• Moderator: Mark Bohannon, Vice President, Corporate Affairs & Global Public
Policy, Red Hat.

Noon to 1:00 p.m. | Lunch Break & Poster Sessions

Afternoon

1:00 2:30 p.m. Panel: “Government as the Consumer and Creator of Open
Cybersecurity”

• Panelists: Dr. David A. Wheeler, Analyst, Institute for Defense Analyses
• Joshua Davis, Georgia Tech Research Institute (GTRI) Associate Branch Head, Cyber
Security Lab and Principal Investigator for the Homeland Open Security Technology
(HOST) program
• Joe Broghamer, Lead, Authentication Technologies, U.S. Department of Homeland
Security, Immigration and Customs Enforcement (ICE) Office of the Chief
Information Officer, IAD

2:30 – 2:45 p.m. |Break & Poster Sessions

2:45 – 3:50 p.m. | Lightning Talks

• Adding Real-time File Analytics to the Open Source Suricata Platform; Harold
Jones, BAE Systems
• Fostering an Innovative Smart Card Environment; Peter Fucci, Safer Institute
• Identity Management: Linux and Active Directory integration; Dmitri Pal, Red Hat
Inc.
• Open Source Software Verification and Validation; Philip Marshall, Black Duck
Software
• XenClient XT: The Extensible Platform for Secure Virtualization; Philip Tricca, Citrix
Systems
• Drupal Security Controls for Government Sites; Greg Wilson, Phase 2 Technology

3:50 – 4:00 pm | Closing Comments

Speaker: Dr. Douglas Maughan, Director, DHS S&T, Cyber Security Division

4:00 – 5:00 p.m. | Networking & Poster Sessions

Coming up: Open Source & Cybersecurity at POSSCON March 28-29, 2012

One of my favorite projects I have the good fortune to be contributing to was created by the US Department of Homeland Security Science and Technology Directorate (DHS S&T – the equivalent of the R&D arm of the agency).  It’s called the HOST program (Homeland Open Security Technology).

Joining me at the upcoming Palmetto Open Source Software Conference (POSSCON) on March 22-29 will be my HOST colleagues from  DHS, Georgia Tech Research Institute, OSSI, and other government experts like John Scott (most recently co-authored “Open Technology Development: Lessons Learned & Best Practices for the Military”.

The program does a number of things, but the main thrust is to help get open source cyber security tools in to the hands of federal, state and local agencies wherever it makes sense. The path that leads there includes creating some useful educational tools and making small, strategic investments to help make that possible.

If you’re interested in Open Source, the POSSCON event has grown into a must-attend.  If you’re interested in security, please come join us.  We’ll be there to….

Columbia, South Carolina serves up big heaps of southern hospitality to conference participants every year.  This is my fourth year to make the pilgrimage there.  If you can attend, I promise you won’t be disappointed.  And if you do, please come say hello.

Open Source is on the Agenda for Cyber Security Experts in Palo Alto

Open Source is on the Agenda for Cyber Security Experts in Palo Alto

Icomputer-internet-security-artwork‘m in Palo Alto CA for a few days to speak at a gathering of Cyber experts from vaious disciplines at the ITTC forum at SRI headquarters in Silicon Valley.  I’m pleased for the opportunity to talk about the US and other federal agencies growing adoption of open source software AND rolling some of their own too.  Will be joining (and moderating) a panel Matt Jonkman from the Open Information Security Foundation and Doug Maughan who runs the Cyber Security Division of DHS’s Science and Technology Directorate (essentially the R&D arm of that agency).

On the same topic: Later this fall, I’ll working with GTRI and DHS rolling out open-technology focused summits; details to follow, prelimary info for summits in D.C. and the SFO Bay Area are available now.