CERT Data Science in Cybersecurity Symposium 2018

Actions Panel

Registrations are closed

Ticket sales have ended

CERT Data Science in Cybersecurity Symposium 2018

When and where

Date and time


NRECA Conference Center 4301 Wilson Blvd. Arlington, VA 22203

Map and directions

How to get there


Learn about the latest techniques and tools for making sense of your data!

Modern computer networks generate incredible amounts of data. Making sense of this data is not only a critically important task for a company to remain competitive but also a near-impossible exercise that requires advanced software and highly trained personnel.

The field of data science focuses on creating techniques that uncover hidden patterns in enormous data sets and developing tools that enable this discovery in any data set and in any environment. Over the past few years, significant advances have been made in both techniques and tools that enable even the most subtle of patterns to be identified using modern computing power.

At this year's symposium, we focus on the topic of metadata, including how the field of data science has enabled deep insights from apparently limited data. At the symposium, we investigate how cybersecurity data relates to privacy and explore ways to manage that risk.

Finally, there is a tutorial at the event that explores the privacy risks associated with metadata and includes a discussion of how organizations can safely manage that risk.

Symposium Agenda

8:15 - 9:00 a.m.: Registration

9:00 - 9:15 a.m.: Symposium Introduction

Dr. Paul D. Nielsen, Director and CEO – Software Engineering Institute

Nielsen is Director and Chief Executive Officer of the Carnegie Mellon University Software Engineering Institute (SEI). Prior to joining the SEI, Nielsen served in the U.S. Air Force, retiring as a Major General and Commander of Air Force research. Nielsen is a member of the U.S. National Academy of Engineering (NAE) and a Fellow of both the American Institute of Aeronautics and Astronautics (AIAA) and the Institute for Electrical and Electronics Engineers (IEEE). He has served on many government boards and advisory groups, and is currently a member of the Defense Science Board.

9:15 - 10:00 a.m.: Invited Researcher

Dr. Lujo Bauer, Associate Professor – CMU Institute for Software Research

Bauer is an Associate Professor in the Electrical and Computer Engineering Department and in the Institute for Software Research at Carnegie Mellon University. Bauer's research interests span many areas of computer security and privacy, including building usable access-control systems with sound theoretical underpinnings; developing languages and systems for run-time enforcement of security policies on programs; and generally narrowing the gap between a formal model and a practical, usable system.

10:00 - 10:45 a.m.: Symposium Keynote Speaker

Ari Gesher, Director of Software Engineering – Kairos Aerospace

Ari Gesher is the founding Director of Software Engineering at Kairos Aerospace, a startup company that builds and operates the next-generation of airborne and spaceborne sensors for monitoring the oil and gas infrastructure.

Previously, he was an early engineer at Palantir Technologies, later serving as Palantir’s Engineering Ambassador to the tech community at large. Ari is also the co-author of The Architecture of Privacy, an O’Reilly book that outlines how to responsibly hold data about people while preserving their privacy to the greatest extent possible.

Prior to joining Palantir in 2006, Ari maintained the SourceForge.net open source archive. Ari is a prolific speaker on various topics, including human-computer symbiosis as system design aesthetic, the limits of automated decision making, and privacy architectures for a world where everything is recorded.

10:45 - 11:00 a.m.: Morning Break

11:00 a.m. - 12:00 p.m.: Interview of the Expert

Bob Rudis, Chief Security Data Scientist – Rapid7

Rudis is a Chief Security Data Scientist at Rapid7 and has over 20 years of experience using data to help defend global Fortune 100 companies. Rudis is a serial tweeter (@hrbrmstr), avid blogger (rud.is), author (Data-Driven Security), speaker, and regular contributor to the open source community (github.com/hrbrmstr). He currently serves on the Board of Directors for the Society of Information Risk Analysts, is on the editorial board of SANS Securing The Human program and was co-chair of the 2014 Metricon security metrics/analytics conference.

12:00 - 1:00 p.m.: Lunch

1:00 - 1:45 p.m.: Afternoon Keynote Speaker

Shawn Riley, Chief Data Officer and CISO – DarkLight Cybersecurity

Shawn Riley was named Chief Data Officer at DarkLight Cybersecurity following his successful eight months as a Senior Advisor to the company. As Chief Data Officer, Riley drives the product strategy and vision by advancing the artificial intelligence (AI) solution to the cyber ecosystem to support security operations, analytics, and reporting. Riley, a regular contributor to the Science of Security (SoS) Virtual Organization, has two decades of experience in the defense and intelligence communities.

Initially, Riley was part of the U.S. Navy’s Cryptologic Community, specializing in Information Assurance and Information Operations before transitioning to Lockheed Martin, where he last served as a Senior Fellow and Head of Cyber Intelligence. Prior to joining DarkLight, Riley spent a year as the Director of Cybersecurity Science at Monsanto Company.

1:45 - 2:45 p.m.: Symposium Panel

Eliezer Kanal, Technical Manager – CERT Division of the SEI (Moderator)

Kanal works in the CERT Division at Carnegie Mellon University's Software Engineering Institute. There, he leads a team of data scientists doing applied cybersecurity research. Before joining the SEI, Kanal worked for TubePress, ERIKdev, and Highmark and attended the University of Pittsburgh and Yeshiva University. He has worn a number of hats in the past, including computational neuroscientist, healthcare technical manager, financial quantitative analyst, freelance web developer, and IT consultant.

Dr. Greg Shannon, Chief Scientist – CERT Division of the SEI

Shannon is the Chief Scientist for the CERT Division at Carnegie Mellon University's Software Engineering Institute, expanding cybersecurity research, advancing national and international research agendas, and promoting efficient cybersecurity. Shannon serves on the U.S. Air Force Scientific Advisory Board. He recently served in the White House Office of Science & Technology Policy as the Assistant Director for Cybersecurity Strategy and led the development of the 2016 Federal Cybersecurity Research and Development Strategic Plan. He has testified before the U.S. Congress on cybersecurity, science for security, critical infrastructure, resilience, and cyber threats.

Shannon received a BS in Computer Science from Iowa State University with minors in mathematics, economics, and statistics. He earned his MS and PhD in Computer Sciences at Purdue University with a Packard Foundation fellowship. He is a member of the ACM and a Senior Member of the IEEE.

Mark Perlin, CSO and CEO – Cybergenetics

Perlin is Chief Scientific Officer and Chief Executive Officer at Cybergenetics. He has twenty years of experience developing computer methods for the information-rich interpretation of DNA evidence, and providing TrueAllele products and services to the criminal justice community. Perlin has testified about objective computer DNA evidence in state, federal, military, and foreign courts. He holds doctoral degrees in Mathematics (City University of New York) and Computer Science (Carnegie Mellon University), and a medical degree (University of Chicago).

Lisa Gumbs, Senior Advisor – Coalfire

Gumbs is a subject matter expert in privacy and policy. During her career, she has advised on privacy, data management, cyber operations, and compliance. She is currently providing expert advice to commercial companies about incorporating the new EU General Data Protection Regulation into their operations with Coalfire. Prior to her current position, she served in the U.S. Army as a Judge Advocate, where she advised on cyber operations, intelligence oversight, privacy and civil liberties, and data governance. Among her accomplishments, she assisted in drafting new DoD implementation guidance and policy on the use of open source information in operations. She was recognized by leadership as DoD's most knowledgeable attorney on the use of open source information. She has extensive administrative law experience, having provided guidance on matters such as investigations, FOIA/Privacy, regulations, and government ethics.

Gumbs earned her Juris Doctor from the University of Kansas School of Law, her Master of Laws in National Security from the George Washington University Law School, and Master of Laws in Military Law from the Judge Advocate General's School and Legal Center, Charlottesville, VA.

2:45 - 3:00 p.m.: Afternoon Break

3:00 - 4:00 p.m.: Symposium Tutorial

April Galyardt, Machine Learning Research Scientist CERT Division of the SEI

Galyardt is a machine learning research scientist in the CERT Data Science group of the Software Engineering Institute at Carnegie Mellon University. Galyardt focuses on applying statistics and machine learning to problems in cognitive science and cybersecurity. From 2012-2016, she was a professor at the University of Georgia, where she designed and taught the first machine learning course offered by the university. Her current research projects include developing machine learning models to assess mission readiness from log data in online training environments.

4:00 p.m.: Symposium Conclusion

The event is free to attend, but space is limited to 150 participants, so please make sure to register to reserve a seat. A continental breakfast and lunch will be provided to all participants to allow for networking opportunities.

Join us in Arlington, Virginia on August 29 for the CERT Data Science in Cybersecurity Symposium 2018. We hope to see you there!