Proceedings: Open Cybersecurity Summit 2012

Last fall the Bryant Group led the production of the first annual Open Cybersecurity Summit.

The event was underwritten by the Department of Homeland Security Science and Technology Division (DHS S&T), Cybersecurity Division and delivered by Georgia Tech Research Institute (GTRI), the Homeland Open Security Technology program (HOST). The HOST program was created to explore, invest in and share potential solutions developed and distributed as open source software tools and applications.

The proceedings have been available to attendees for some time, but are public and available to any interested parties. It was a first-of-a-kind event so far as we know, with an emphasis on the use of Open Source Software tools and applications as well as related best practices in the Cybersecurity space. You can download the full DC Summit Proceedings 2012, or visit the archived conference site.

We expect the next summit to be announced later this spring.

Summit Agenda

Morning

8:00 a.m. | Registration

9:00 a.m. | Summit Welcome

Keynote: “Crowds, Clouds, and Spies”

Speaker: Stewart A. Baker, former DHS Assistant Secretary for Policy, author and partner at Steptoe & Johnson LLP

10:00 to 10:30 a.m. | General Session

“OWASP – The World’s Largest Open Source Web Application Security Project”

Speaker: Dave Wichers, Open Web Application Security (OWASP) board member and COO and Co-founder, Aspect Security Inc.

10:30 – 10:45 a.m. | Break & Poster Sessions

10:45 a.m. – noon | Panel: “Open Source and Cybersecurity: Building Trust and Interoperability”

• Panelists: Matthew Scholl, Deputy Division Chief, Computer Security Division and Associate Director of Operations for the NIST National Cybersecurity Center of Excellence.
• Luke Berndt, Program Manager, Department of Homeland Security, Science and Technology (S&T) Division
• Moderator: Mark Bohannon, Vice President, Corporate Affairs & Global Public Policy, Red Hat.

Noon to 1:00 p.m. | Lunch Break & Poster Sessions

Afternoon

1:00 – 2:30 p.m. | Panel: “Government as the Consumer and Creator of Open Cybersecurity”

• Panelists: Dr. David A. Wheeler, Analyst, Institute for Defense Analyses
• Joshua Davis, Georgia Tech Research Institute (GTRI) Associate Branch Head, Cyber Security Lab and Principal Investigator for the Homeland Open Security Technology (HOST) program
• Joe Broghamer, Lead, Authentication Technologies, U.S. Department of Homeland Security, Immigration and Customs Enforcement (ICE) Office of the Chief Information Officer, IAD

2:30 – 2:45 p.m. | Break & Poster Sessions

2:45 – 3:50 p.m. | Lightning Talks

• Adding Real-time File Analytics to the Open Source Suricata Platform; Harold Jones, BAE Systems
• Fostering an Innovative Smart Card Environment; Peter Fucci, Safer Institute
• Identity Management: Linux and Active Directory integration; Dmitri Pal, Red Hat Inc.
• Open Source Software Verification and Validation; Philip Marshall, Black Duck Software
• XenClient XT: The Extensible Platform for Secure Virtualization; Philip Tricca, Citrix Systems
• Drupal Security Controls for Government Sites; Greg Wilson, Phase 2 Technology

3:50 – 4:00 p.m. | Closing Comments

Speaker: Dr. Douglas Maughan, Director, DHS S&T, Cyber Security Division

4:00 – 5:00 p.m. | Networking & Poster Sessions

Get on the (Hacker) Bus.

I recently returned from the Thirteenth International Forum for Free Software (FISL) in Porto Alegre, Brazil. With an attendance of about 8,000 this year, it is the largest tech conference in South America and likely the largest free/open source conference in the world. I was fortunate to have attended representing OSI and presented a keynote on free and open source software and its civic and social impact around the world, and a second session on Economic Development.

The Brazilian government – with great grassroots support – was a pioneer in the use of free software as an economic development strategy, and also to bridge the digital divide by lowering the barrier to access to technology.  Today the government’s involvement has shifted in some respects, and community leaders from a number of Latin American countries are debating in general the pros and cons of government partnership in their FOSS initiatives.

The “Hacker Bus” project – pictured above behind myself and colleague Paulo Mierelles from the University of Sao Paulo FLOSS Competency Center – really impressed. Getting technology and “Hacktivism” out into underserved areas makes for a fantastic program.
You can read more about the project on The Next Web, published during last year’s conference.

Coming up: Open Source & Cybersecurity at POSSCON March 28-29, 2012

One of my favorite projects I have the good fortune to be contributing to was created by the US Department of Homeland Security Science and Technology Directorate (DHS S&T – the equivalent of the R&D arm of the agency).  It’s called the HOST program (Homeland Open Security Technology).

Joining me at the upcoming Palmetto Open Source Software Conference (POSSCON) on March 22-29 will be my HOST colleagues from DHS, Georgia Tech Research Institute, OSSI, and other government experts like John Scott (who most recently co-authored “Open Technology Development: Lessons Learned & Best Practices for the Military”).

The program does a number of things, but the main thrust is to help get open source cyber security tools into the hands of federal, state and local agencies wherever it makes sense. The path that leads there includes creating some useful educational tools and making small, strategic investments to help make that possible.

If you’re interested in Open Source, the POSSCON event has grown into a must-attend.  If you’re interested in security, please come join us.  We’ll be there to….

Columbia, South Carolina serves up big heaps of southern hospitality to conference participants every year.  This is my fourth year to make the pilgrimage there.  If you can attend, I promise you won’t be disappointed.  And if you do, please come say hello.

Open Source is on the Agenda for Cyber Security Experts in Palo Alto

I’m in Palo Alto, CA for a few days to speak at a gathering of Cyber experts from various disciplines at the ITTC forum at SRI headquarters in Silicon Valley. I’m pleased for the opportunity to talk about the US and other federal agencies’ growing adoption of open source software AND rolling some of their own too. Will be joining (and moderating) a panel with Matt Jonkman from the Open Information Security Foundation and Doug Maughan, who runs the Cyber Security Division of DHS’s Science and Technology Directorate (essentially the R&D arm of that agency).

On the same topic: Later this fall, I’ll be working with GTRI and DHS rolling out open-technology focused summits; details to follow, preliminary info for summits in D.C. and the SFO Bay Area is available now.

Open Government and eParticipation in the EU

I spoke to the OpenGov and eParticipation Summit in Belfast, Northern Ireland in late September. The event was produced by the University of Ulster with the help of a number of organizations and sponsors. I’d met faculty from the University when they came out to visit the Open Source Lab and learn more about the OSL’s success with supporting global open source communities. I was pleased to be invited to share what I’ve learned working with a number of Open Government / Open Data initiatives and the open source community in the US.

Speakers ranged from county government to senior UK government, and included industry, entrepreneurs and academics. Topics extended to open data and information exchange in health IT. A presentation from an Italian company which produces town hall style meetings using electronic voting described their product and process. The system was utilized during the Day 2 eParticipation Summit. The software interestingly enough was actually written by the Tuscany government and is available as open source.

It was interesting to see the conference and summit take the policy issues related to open data head on.  In contrast to the US where private industry and civic advocates have driven the train while (most notably) the Federal government is de-funding transparency sites, Ireland and the UK governments themselves seem more engaged in creating a road map for opening their data and making that transition sustainable.  At the same time, the open source community seems less engaged there in supporting more civic and volunteer approaches to opening up government.

GOSCON 2011 Shakes Up Government IT

This year’s theme for the Innovation Nation Forum, which was co-located with GOSCON, was “Shake It Up,” and things were shaken up indeed. While we were a little sad that this year’s conference wrapped up early due to the East Coast earthquake, we’re all pleased that no one was harmed. Plus, we did get to shake up all things government IT and open source before the lunch hour, presenting two panels on “Cost Take Out” and “Building Outside the Box.”

You can read more from the panels in the GOSCON and GOSCON DC Tweet streams. My colleague Gunnar Hellekson from Red Hat has penned an excellent post on opensource.com summarizing the Cost Take Out panel. Alex Howard from O’Reilly Media moderated that panel plus did a great writeup of the event entitled “Government IT’s Quiet Open Source Evolution”.

The good folks at MeriTalk, producers of Innovation Nation, have shared a video of the luncheon exec panel which was underway when the quake hit.  More materials from the conference are forthcoming; promise they’ll be exciting in less seismic ways.