Focused Networking
Wednesday, May 16, 2018 – 4:00 PM - 5:00 PM
Avoid the afternoon rush and gather with industry and government peers for unstructured discussion and networking. Focused Networking, now in its third year, was added in response to requests from attendees for increased opportunities to engage both industry colleagues and government peers to discuss shared challenges and collaborative solutions in more depth. For this iteration, we have chosen four key subject areas to align with topics of key interest to the Department of Defense.
We hope to attract experts from both industry and government for a productive exchange of innovative ideas. The sessions are designed to be interactive and conversational. This is a PowerPoint free zone with only a podium, minimal seating and high-top tables to facilitate networking flow.
Discussion facilitators will assist in getting things started by introducing the discussion topics with a few framing remarks but limited to 5-7 minutes to allow the balance of the time for discussion.
Members of the DISA's Corporate Connections team will also be present to engage with industry.
No prior sign-up necessary; open to all registered symposium attendees.
Discussion Topics:
Software Defined Enterprise (SDE)
(Room 323)
Facilitator:
Paul Inverso
Technical Manager
Software Defined Enterprise (SDE) Technical Management Office, Cyber Development Directorate
Defense Information Systems Agency (DISA)
Topic Description:
The premise of SDE is two-fold: First that you separate the brain [control plane] and the muscle [data plane] within a network. Second, like the conductor of a symphony you place the C2 of the devices to a controller. So why does this matter? Let’s say you have 1 million endpoints and all of the sudden 100 of them go rogue, in a traditional network the admin would have to go to each endpoint and fix them one by one. In a SDE model with automated policy driven action, after the network senses the anomaly, automated actions are deployed to bring the 100 endpoints back into compliance.
Problem Statement #1
Software Defined Enterprise relies on process improvements and a cultural shift towards automation equal to or more than deploying technological innovations. What process challenges or cultural challenges has our industry partners experienced while deploying software defined capabilities?
Problem Statement #2
DISA is considering the implementation of a Global Orchestrator for C2 of the service level orchestrators. From an industry point-of-view, what are your thoughts? What challenges or opportunities do you foresee for DISA?
Business Systems Modernization – People, Process, Technology
(Room 324)
Facilitator:
Yosira Jamison
Acting Chief
Business Systems Program Management Office (PMO), Engineering Branch
Defense Information Systems Agency (DISA)
Topic Description:
Discussion of the multiple organizational dependencies involved with Business Systems Modernization.
Problem Statement #1
Efforts to modernize business systems is complex and transformational. To complete the transition, an organization must integrate business, process, and technology. What advice can industry recommend for integrated the business processes and culture to support organizations transition to new business capabilities?
Problem Statement #2
Transforming and modernizing an organization’s business systems is a complex effort and involves every organizational element. What are the most effective methods for deploying new capabilities and what timelines should be expected to reach the outcome of integrated systems, process and people?
Cyber Operations Tools
(Room 325)
Facilitator:
Dr. Jim Travis, CISM
Division Chief
Cyber Situational Awareness/CyberNetOps
Defense Information Systems Agency (DISA)
Topic Description:
Operating, Sustaining and Defending the DoDIN requires a comprehensive set of capabilities that are used by Operators, Defenders and Program Managers. Over time, these capabilities diverged, resulting in overlapping capabilities and gaps that need to be addressed. Unified operations require an integrated approach to data brokering, integrated open source sensing, and an integrated hunt, analysis, and incident environment. This creates the need for tools convergence, the movement to cloud services, the use of machine learning/AI/Big Data, deep learning and related topics relevant to a converged, enterprise tools solutions.
Problem Statement #1
How does DISA, the DoDIN, and the Services and Agencies create an integrated, enterprise, cloud-oriented environment that is capable of providing continuous enterprise information management solutions in spite of hostile cyber actors who seek to disrupt DoDIN operations, sustainment, and defense?
Problem Statement #2
What role should artificial intelligence, deep learning, neural networking, high performance computing, graph databases, machine learning in managing the transition from a law enforcement approach (forensic and reactive), to an auto-orchestrated cyber war capability with machines fighting machines?
Endpoint Security
(Room 326)
Facilitator:
Fredrick Cook
Chief
Endpoint Security Branch
Defense Information Systems Agency
Topic Description:
DISA recognizes the growing emphasis on the importance of hardening cybersecurity at the endpoint. As more sophisticated cyber threats evade boundary security, DoD is investing in advanced approaches to detect and contain these threats. Whitelisting, Endpoint Detection and Response, and Containment technologies are all tactics DISA is actively deploying and utilizing as part of a larger cybersecurity strategy.
Problem Statement #1
Endpoint security solutions are strengthened by the anti-malware technologies they employ. What challenges and considerations are driving your planning for anti-malware effectiveness going forward? What innovative approaches to anti-malware are you pursuing?
Problem Statement #2
Target #1 for a cyber-attacker is to get to the endpoint. It is the pot of gold at the end of the rainbow. As it stands today, even if the endpoint device is able to detect anomalies and contain a threat locally, there are still challenges to effectively blocking similar threats at the boundary from getting to other endpoints, as well as communicating back to threat-actor command and control servers. DISA is interested in approaches from industry partners for vendor-agnostic threat intelligence sharing between the endpoint and perimeter security.