The intersection of government and the private sector is a theme found in a number of sessions at RSA 2014.
Here are my picks for some key sessions government information security practitioners should consider attending. All of the sessions mentioned here will be held in Room 2009 at the Moscone Center West.
Two panels address vulnerabilities that could be baked-in to information technologies furnished by foreign manufacturers. Allan Friedman, co-author of "Cybersecurity and Cyberwar: What Everyone Needs to Know," and Jon Boyends, senior adviser for information security at the National Institute of Standards and Technology, are among the experts who will explore the impact on policies regarding technology acquisition in the panel: "Can Government Cybersecurity Policies Balance Security, Trade and Innovation?" It will be held Tuesday, Feb. 25, at 1:20 p.m.
Later Tuesday, at 2:40 p.m., Debora Plunkett, National Security Agency information assurance director, participates in the panel: "Facts vs. Fear: Foreign Technology Risks in Critical Industry Sectors." Experts will describe the necessary steps to effectively vet technologies to assure they're safe to employ.
Securing Data Centers
Teri Takai, the Department of Defense chief information officer, joins the former top cybersecurity policymaker at the Department of Homeland Security, Mark Weatherford, in a Wednesday, Feb. 26, 9 a.m. panel: "Securing Our Nation's Data Centers against Advanced Adversaries." Hear the panelists assess the standards and best practices being deployed to secure data centers around the world.
The federal government was slated to issue on Feb. 13 the cybersecurity framework, a set of voluntary best practices aimed to protect the information assets of the nation's critical infrastructure. Adam Sedgewick, the NIST official who shepherded the framework, will join other NIST experts and Samara Moore, White House director for cybersecurity critical infrastructure, in a session called: "An Overview of the Executive Order Cybersecurity Framework," at 9:20 a.m. Wednesday, Feb. 25.
Cybersecurity requires a challenging degree of collaboration among different government offices, particularly when responding to cyber-incidents. The panel "Government x2: State and Federal Collaboration on Cybersecurity," will be held Thursday, Feb. 27, at 9:20 a.m. It will be moderated by Cheri Caddy of the White House national security team and include the state of Michigan's Chief Security Officer, Dan Lohrmann.
"View from the Inside: DHS Priorities in Cybersecurity," at noon Thursday, Feb. 27, will feature the head of Homeland Security's National Protection and Program, Suzanne Spaulding, and Phyllis Schneck, deputy undersecretary for cybersecurity, addressing the areas where DHS will concentrate on cybersecurity.
CISOs David Stender of the Internal Revenue Service and Darren Van Boozen of the House of Representatives will join moderator and former U.S.-CERT Director Mischel Kwon Friday, Feb. 27, at 9 a.m. for the panel: "Leading Cybersecurity: Technically Sexy, Programmatically Dowdy." They'll discuss continuous monitoring in the federal government and how it has broadened the security leaders' job.
These are just a sampling of the panels, keynote addresses and other events at the conference of interest to the government information security professional. Let me know what you think of the conference.