Trust 

A fundamental principle of cyber security is trust.  Trust is what allows information to flow and access granted to networks.  However, in an increasingly interconnected world where we access multiple networks every day, how can agencies evaluate trust?  This track will present several significant topics in the area of trust and discuss the ways that agencies can build it both now and in the future.

Keynote Address: CIOs and CISOs’ Nightmares and How to Sleep Better at Night
           Dan Chenok, Vice President & Director, Business Solutions and Offerings, IBM 
           Suzanne Lightman, Senior Advisor for Information Security, NIST Program Office, 
           National Institute of Standards and Technology (confirmed)

Panel 1:  Trust in the Increasingly Interconnected World

Technology supporting mobile connectivity and computing is exploding. The technology in our users’ private lives often outstrips the technology we provide at work.    This session will examine how to leverage that desire for connectivity to improve efficiency and productivity while maintain the security needed for Federal work.  1. How can federal agencies establish and maintain a trusted mobile environment for doing federal work when users are pushing for more ease and connectivity? 2. How can federal agencies move to more current mobile platforms while maintaining trust and security?  3. How will the Telework Act affect agencies’ use of mobile computing?

Moderator: 

Dan Chenok, Vice President & Director, Business Solutions and Offerings, IBM

Panelists: 
Larry Koskinen, Associate Inspector General for Mission Support, Internal Revenue Service
Ramon Barquin, President, Barquin International

Michael Howell, Deputy Program Manager, Information Sharing Environment, Director of National Intelligence

Panel 2:  Trust and the Next Generation of Systems

This session will examine the current state of research and development in the area of trust.  Among other areas, it will look at the rise of large scale networked models such as cloud computing and Smart Grid, as well as how trust can be built in to these new models.  1. What could trust in next generation technology look like in the future?  2. How does the adoption of cloud computing and the rise of large-scale networks like Smart Grid impact R&D in trust?  3. Could federal agencies function in large scale networks without trust and what could that look like?

Panel 3:  Forensics and the Federal Agency

Forensics is often looked as only as a tool of law enforcement and the Inspectors General.  This session will examine the current state of cyber forensics and the policies and technologies that agencies should consider before something goes wrong.   1. What is the current state of forensics for cyber security incidents? 2. How can federal agencies benefit from the use of forensic tools in the management of their networks? 3. What policies and procedures need to be in place to find and preserve evidence if wrong doing is suspected?  4. What is the role of auditing and other forensics tools in running a trusted environment?

Panel 4:  Expanding Identity Management

Strong identity management has become a mantra over the past few years.  This session will examine the role of identity management in trust and cybersecurity. 1. How can agencies use identity management as a basis for an exchange of trust both within and outside the federal government?

2. Key management is a key issue in any ID scheme. What is the current state of the art in key management and what are the pitfalls?  3. What does the existence of the National Strategy for Trusted Identities in Cyberspace (NSTIC) mean for Federal agencies?  4. OMB is pushing for expansion of HSPD-12.  What are the advantages and issues in expanding the use of PIV and interoperable PIV cards in establishing trust?