cycon 3.0 - cybersecurity conference

Event Information

Share this event

Date and Time

Location

Location

Higher Education Center - NOVA Loudoun

21200 Campus Drive

Sterling, VA 20164

View Map

Event description
Join Us for Cycon 3.0! - Calling All Hackers, Cybersecurity Professionals, and Students

About this Event

Our 3rd Annual NOVA CyCon event in Loudoun has a full lineup of cybersecurity experts, speakers and federal contractors presenting on cutting-edge topics!

  • Networking
  • FREE Lunch & Refreshments
  • & Much Much More!

Our event is free ... but without Northern Virginia Community College, it would never be possible. Please feel free to support our cause and donate to NOVA here: https://www.nvcc.edu/alumni/donate/index.html

Agenda

8:00 - 9:15 AM

Registration & Check In

9:15 - 9:25 AM

Welcome/Opening Remarks

Michael Torres, Senior Solution Architect in AI, Cybersecurity, Cloud, and Human Resources at Serco Inc.

Location: HEC 203

9:30 - 10:15 AM

Keynote

Sex, Spies, and Fast Cars™ - Adventures with Smartphones

Presenter: Dave White

Location: HEC 203

10:15 - 10:30 AM

Break

10:30 - 11:20 AM

What is the Impact of Artificial Intelligence (AI) on Cybersecurity: Now and Later?

Presenter: Dr. Diane Murphy

Location: HEC 211

How to Control Risk when Moving to the Cloud

Presenter: Sushila Nair & Scott Vachal

Location: HEC 213

Someone’s borrowed my identity! Myths and misconceptions about identity management.

Presenter: Ken Myers

Location: HEC 203

11:30 - 12:20 PM

The Payments Ecosystem: Security Challenges in the 21st Century

Presenter: Phil Smith III

Location: HEC 211

Designing Security Dashboards

Presenter: Teresa Allison

Location: HEC 213

Secure Digital Transformation - Cybersecurity Skills For a Safe Journey to DevOps and Cloud

Presenter: Troy Marshall

Location: HEC 203

12:30 - 1:15 PM

Lunch and Networking

Location: HEC 203

1:30 - 2:20 PM

Play to Learn

Presenter: Khanh Dinh

Location: HEC 203

Achieving Zero-Time Threat Prevention using Deep Learning

Presenter: Bien Nguyen

Location: HEC 213

The Fifth Domain

Presenter: Sushila Nair

Location: HEC 211

We are proud to partner with The CyberWire. They distill the day’s critical cybersecurity news into a concise daily briefing and a weekly summary. No marketing emails, no spam, just the news. Subscribe for free today! https://mc.thecyberwire.com/cycon2020

Opening Remarks

Michael Torres - Sr. Solution Architect in AI, Cybersecurity, Cloud, and Human Resources at Serco Inc.

Michael Torres has over 20 years of experience as a Transformation and Global Change Agent for IT, Cloud Computing & Cybersecurity. He has lead multiple transformation efforts for both Fortune 500 and Federal Government organizations. Most recently, he designed the Human Capital Business Reference Model which he used to lead Federal HRIT Cloud Transformation. He also holds over 20 industry certifications and is currently a GWU doctoral candidate in Human and Organizational Learning with a research focus in Federal Cyber Policy. Michael currently serves as a Sr. Solution Architect in AI, Cybersecurity, Cloud, and Human Resources at Serco Inc. and a Professor in IT, Cybersecurity, and Cloud at NVCC.

Keynote Speaker

Cookies Stole My Privacy - Presented by: Teresa Skehan

Without a doubt, we can all agree that cookies are delicious baked treats. However, they are also a computer file that’s becoming more and more important in the digital age. Cookie advocates will laud the importance of improving the experience for users on the Internet. Privacy advocates will argue that we don’t need to have information about ourselves being stored, particularly as the information relates to our browsing habits.

The European Union Regulation, General Data Protection Regulation (GDPR), mandates that companies need to get your explicit consent to collect your personal information. Cookies can identify you via your device. That is why we are seeing so many websites requesting your permission before placing a cookie on your computer/device.

What are the pros and cons of cookies? Is our privacy being stolen from us? Come and participate in a lively debate relative to maintaining individual privacy and standing up to the biggest perpetrators of online tracking.

Speaking Topics

Secure Digital Transformation - Cybersecurity Skills For a Safe Journey to DevOps and Cloud presented by: Troy Marshall

According to IDC, 85% of enterprise decision-makers say they have a time frame of two years to make significant inroads into digital transformation or they risk falling behind their competitors and suffering financially. Unfortunately, an insecure digital transformation can cause even greater financial or reputational damage than not transforming at all.

Successful digital transformations don’t begin with technology, they begin with people. As organizations adopt DevOps and cloud and realize the increased release velocity, ensuring the security of software and systems at the same velocity is a necessity but doing so isn’t easy. In this talk you will learn about common security challenges in DevOps and cloud and the skills cybersecurity professionals need to solve these challenges.

Sex, Spies, and Fast Cars™ - Adventures with Smartphones presented by: Dave White

Smartphones have been revolutionary in transforming our daily lives and business.  They come with capabilities offering great convenience and mobile, timely access to information.  However, smartphones come with vulnerabilities, which threaten individual and organizational interests in ways most fail to recognize.  This presentation will examine the vulnerabilities inherent with smartphones, look at data collection, sharing and usage, and highlight the impact on the user.  It’s aim is to assist smartphone owners and enterprise managers in evaluating and mitigating risk through conscious choices, to develop secure behaviors, and into making informed decisions.  

The Payments Ecosystem: Security Challenges in the 21st Century presented by: Phil Smith III

We’ve all heard about the Ashley Madison breach—and Sony, and the IRS, and Target, and Equifax, and… Despite increased spending on security every year, data breaches keep happening, especially in the area of payment (credit and debit) cards. These instruments are established features of commerce, built on various networks and high-performance back-end systems.

How does this ecosystem work? What are its vulnerabilities and security gaps, and how can we defend them? Breaches occur despite best efforts, and despite PCI DSS compliance.

Come learn about how the payments ecosystem works, what really happened at Target and elsewhere, how the threat landscape is evolving, what the attackers are doing, and how merchants and processors are reacting.

The Fifth Domain presented by: Sushila Nair

The Pentagon calls cyber-space the fifth domain of conflict in addition to land, sea, air and space. In 2017 the world came the closest it has ever come to cyberwar. In this session, we will cover the evolution of cyberwar and how businesses should work to minimize the risk of becoming collateral damage in the war of tomorrow.

How to Control Risk when Moving to the Cloud presented by : Sushila Nair and Scott Vachal

Organizations are reinventing themselves through digital transformation. Cloud is an essential tool which enables this reinvention. How does cloud impact organizational risk? How can organizations build a cloud strategy that enables organization resilience whilst controlling costs. What questions should you ask to validate if your current cloud strategy enables you to have the best security strategy in place.

Designing Security Dashboards presented by: Teresa Allison

Information Technology Security Dashboards can be an effective tool for CIOs, CISOs, governance boards, and IT Security staff to utilize to gain a greater understanding of the organization’s IT security posture. Dashboards are often used to analyze IT security spending, track progress for cybersecurity projects, assess the effectiveness of security awareness training, monitor compliance, report security incident statistics, provide greater visibility into threats, and highlight vulnerabilities, and manage risks. This presentation will guide attendees through the process of designing IT Security Dashboards and the issues that must be considered and steps that must be taken when leading an organization through a dashboard design effort.

Play to Learn presented by: Khanh Dinh

Learn cybersecurity by playing games. This presentation will present resources on cybersecurity board game, card games, and capture the flags.

Someone’s borrowed my identity! Myths and misconceptions about identity management presented by: Ken Myers

What tools and methods can we use in our personnel lives to remain secure online? Come listen to Ken Myers apply an enterprise identity management approach to our everyday online transactions and help reduce the risk of stolen identities. He will present an identity management architecture and NIST assurance levels that correlate to securing your Google or Apple accounts, website indicators that should be trusted, a better method than SMS, and how to use universal 2 factor or a yubikey.

Achieving Zero-Time Threat Prevention using Deep Learning presented by: Bien Nguyen

Machine learning is a big step forward in combatting cyberattacks but is still no silver bullet. Many traditional cybersecurity solutions available today are causing huge operational challenges as they are inadequately defending against today’s complex and sophisticated threats. It has become increasingly evident that the solutions used to protect your company and its data need to work pre-emptively to prevent attacks, rather than just detect and respond to them. Fortunately, AI technologies are advancing, and deep learning is proven to be the most effective cybersecurity solution, resulting in unmatched prevention rates with proven lowest false positive rates. As you evaluate new technologies for your organization, understand the differences and benefits of Artificial Intelligence, Machine Learning, and Deep Learning.

This session will cover:

  • Introduction to Deep Learning – Differences between AI/ML/DL
  • Applying deep learning as a preventative approach to cybersecurity
  • Advantages of using deep learning to autonomously block any threat in milliseconds

What is the Impact of Artificial Intelligence (AI) on Cybersecurity: Now and Later? presented by: Dr. Diane Murphy

Everyone seems to agree that artificial intelligence (AI) is about to change the world we live in with a major impact on the way we work, even perhaps replacing some humans in certain jobs.

Let us first look at what AI is today, as it increasingly focuses on machine learning to implement predictive models in medicine, science, government and many more (so called narrow AI).

Next we will focus on the impact of AI on cybersecurity including:

  • The increasing use of AI-focused technology that we are expected to protect against both security vulnerabilities and adversarial machine learning attempts;
  • The ways that our adversaries (criminals, nation states and others) are using AI in their increasingly sophisticated cyberattacks; and
  • The AI techniques that we, as cyber defense specialists, can use to more effectively defend against cyber attackers, whether they are using AI or not.

We will discuss another underlying subject to all of this: can we trust AI? We will look at the potential pitfalls (the data being used to train the models and the human-generated algorithms themselves) and discuss the attributes leading to trustworthy and explainable AI.

We will end with a discussion of the role of data science, machine learning, and artificial intelligence in the education of tomorrow’s cybersecurity professional.

Meet The Speakers

KEYNOTE: Teresa Skehan, Director, Information Privacy and Protection Office , Cyber & Biometrics, IBM Global Business Services, Public Sector

Ms. Skehan is the Director of the Information Privacy and Protection Office, the General Data Protection Regulation Leader, and the Security Focal for IBM GBS North America. She is successfully leading a program to drive long-lasting, sustainable compliance with government, industry and corporate security policies, standards and procedures. She also oversees the management of Security Risk Assessors and Security Experts in the US, Canada, India, Mexico and Romania.

Throughout her career, her professional accomplishments and awards have been associated with thought leadership, technology evaluation and business alignment, security/privacy controls and privacy management. She has successfully transformed a cybersecurity risk management program to align with strategic technologies such as cognitive, mobile, cloud and Internet of Things; directed the remediation of numerous audit findings associated with the absence of business controls and inadequate management of system/technology changes; launched the design, development and implementation of a Public Key Infrastructure for the Mortgage Bankers Association of America (the establishment of a contract infrastructure provided the foundation for an industry-wide identity management solution for all eMortgage initiatives) and automated a company’ entire operations through the various stages of design, development, installation and support of mortgage software applications.

Recipient of numerous company awards; Crystal Award for displaying Exemplary Performance and Leadership; Premier Achievement Award and Technology Breakthrough Award; President’s Award for Leadership and Innovation; Management Team and Most Valuable Player Awards.

She holds a Master’s Degree in Security Engineering Management and several professional certifications: ISACA’s CRISC, CISA and CISM; IAPP’s Certified Information Privacy Professional for Canada, US Private Sector, US Government and Europe, Certified Information Privacy Technologist; and CSA’s Certificate Cloud Security Knowledge (CCSK). She is Director of Academic Relations, ISACA, DC Chapter and a frequent guest lecturer at local universities and colleges.

Michael Torres - Sr. Solution Architect in AI, Cybersecurity, Cloud, and Human Resources at Serco Inc.

Michael Torres has over 20 years of experience as a Transformation and Global Change Agent for IT, Cloud Computing & Cybersecurity. He has lead multiple transformation efforts for both Fortune 500 and Federal Government organizations. Most recently, he designed the Human Capital Business Reference Model which he used to lead Federal HRIT Cloud Transformation. He also holds over 20 industry certifications and is currently a GWU doctoral candidate in Human and Organizational Learning with a research focus in Federal Cyber Policy. Michael currently serves as a Sr. Solution Architect in AI, Cybersecurity, Cloud, and Human Resources at Serco Inc. and a Professor in IT, Cybersecurity, and Cloud at NVCC.

Troy Marshall, Executive Director, Secure Development & Operations, Information Security Office, The College Board

Troy Marshall has 20 years of experience in the IT industry, primarily focused on the delivery of secure, reliable enterprise software in organizations ranging from startups to large enterprises. He began his career with a very small software startup building and delivering software-as-a-service (SaaS) before that term had even been coined. As is the case with many IT professionals in the DC area, he spent a few years as a federal government contractor delivering secure web applications in support of Centers for Medicare & Medicaid Services health care quality improvement and pay for performance initiatives. For the last 7 years, he has been working to enable secure digital transformation efforts through DevSecOps. Troy is currently Executive Director, Secure Development & Operations at the College Board.

Dave White, Senior Systems Engineer, OG Systems, a Parsons Company

Dave White has worked for and supported the U.S. government in a broad range of roles and missions within the Intelligence and Defense Communities for over 30 years. His experience includes directing and managing imagery and signals collection operations and intelligence analysis teams and organizations. One of his key focus areas has been in identity intelligence to include biometrics, behavioral analysis, and biographical data. He has been a guest speaker at the CIA’s Sherman Kent School for Intelligence Analysis, National Geospatial-Intelligence Agency College, Department of Defense’s Joint Special Operations University, and the National Signatures Symposium. He is a contributing author to Beware the Predator: The American’s Guide to Personal Security, and has appeared on One America Network, Fox & Friends First, Fox Business, and Cheddar.com to discuss privacy, commercial data collection, usage and sharing, and cybersecurity. Dave is currently a Senior Systems Engineer with OG Systems, a Parsons Company, in Chantilly, Virginia.

Sushila Nair, Senior Director, Security Portfolio, NTT DATA Services NTT DATA, Inc.

Sushila Nair is on the board of the GWDC, the Greater Washington, D.C. Chapter of ISACA and plays an active role in supporting best practices and skills development within the cybersecurity community Sushila has worked as a Chief Information Security Officer for ten years and has twenty years’ experience in computing infrastructure, business and security. Sushila has consulted in many diverse areas including telecommunications, risk analysis, credit card fraud, and has served as a legal expert witness. She has worked with the insurance industry in Europe and America on methods of underwriting e-risk insurance based on ISO27001.

She has published numerous articles in the computing press on risk and security, and has spoken at Segurinfo, CACS, TechMentor, FinSec and many other global technical events on diverse subjects ranging from managing risk to designing security baselines.

Scott Vachal, Client Executive, Soter Cloud Solutions

Scott Vachal applies his more than 30 years of financial, managerial, and cyber security/IT experience to assist mid-sized entities transition to the cloud environment. Financial analysis has been a primary thread through his career, after obtaining his MBA (Information Systems & Quantitative Studies). Mr. Vachal has consulted for a full range of companies, from Fortune 500, such as AT&T, Dun & Bradstreet, to mid-sized and small businesses. He later provided financial advice as a Certified Financial Planner® (retired) to business owners, before returning for a Masters in Management of Secure Information Systems. Mr. Vachal founded Meridian Cyber Defense, which provided IT and cyber security support to the SMB market. He currently is a Client Executive for Soter Cloud Solutions.

Mr. Vachal also serves with ISACA-GWDC as Liaison to Cloud Security Alliance (CSA) and as Associate Director Vlogging & Channel Content. Scott has traveled to 70 countries, but has yet to see the Hawaiian Islands.

Phil Smith III, Senior Architect & Product Manager, Mainframe & Enterprise Distinguished Technologist, Micro Focus (Voltage)

Phil is a Distinguished Technologist and Senior Product Manager and Architect at Micro Focus International. He has spent the last 40 years doing and managing software support/development. Phil also creates technical reference books, contributes to trade journals, speaks at national and local user groups, and tracks Payments evolution.

Teresa Allison, Vice President of Programs for the Information System Security Association (ISSA) DC Chapter

Teresa Allison is Vice President of Programs for the Information System Security Association (ISSA) DC Chapter. She has worked in the field of information technology consulting for over 18 years. She provides clients with solutions for managing multi-billion dollar IT programs. She specializes in strategic planning, budgeting, performance management, portfolio management, governance, risk management, legal & regulatory compliance, project management, program management, process improvement, business operations transformation, strategic communications and stakeholder management.

Allison has supported clients in the domain areas of Health & Human Services, Homeland Security, Transportation, Financial Regulatory Agencies, Veterans Affairs, Diplomacy & Foreign Affairs, as well as International Development & Foreign Assistance. Teresa Allison currently provides cybersecurity policy, risk, governance, compliance support to Federal CIOs and CISOs. She assisted a global strategy consulting firm in implementing IT security and privacy policies to comply with the European General Data Protection Regulation (GDPR). She has also taught CISSP certification classes at ASM Educational Center.

Teresa received her bachelor’s degree in Political Science from Xavier University. She graduated from Carnegie Mellon University’s H. John Heinz III School of Public Policy with a Master of Science in Public Policy and Management with a concentration in Management of Information Systems. She is certified IT professional who currently holds the PMP, CSM, ITIL, Security+, CGEIT, CISA, CISSP, CCSK, and Lean Six Sigma certifications.

Teresa Allison is the Past President of the Carnegie Mellon University Heinz College Alumni Association comprised of over 11,000 alumni from around the world. She currently serves as a volunteer for the Women’s Society of Cyberjutsu which encourages women to pursue careers in Cybersecurity. She also coordinates higher education outreach programs for the Project Management Institute (PMI) as a member of the Higher Education Partnerships committee. Allison is also a member Information System Audit and Control Association (ISACA) DC Chapter and the Healthcare Information Management Systems Society (HIMSS).

Sushila Nair, Senior Director, Security Portfolio, NTT DATA Services NTT DATA, Inc.

Sushila Nair is on the board of the GWDC, the Greater Washington, D.C. Chapter of ISACA and plays an active role in supporting best practices and skills development within the cybersecurity community Sushila has worked as a Chief Information Security Officer for ten years and has twenty years’ experience in computing infrastructure, business and security. Sushila has consulted in many diverse areas including telecommunications, risk analysis, credit card fraud, and has served as a legal expert witness. She has worked with the insurance industry in Europe and America on methods of underwriting e-risk insurance based on ISO27001.

She has published numerous articles in the computing press on risk and security, and has spoken at Segurinfo, CACS, TechMentor, FinSec and many other global technical events on diverse subjects ranging from managing risk to designing security baselines.

Khanh Dinh, Assistant Professor, Northern Virginia Community College

Dinh is an assistant professor at the Loudoun Campus. He obtained his master's degree in Telecommunications and Master Certificate in Telecommunications Forensics and Security from George Mason University. He was a Senior Information Security Analyst supporting various government contracts.

Ken Myers, Principal Architect, Unisys

Kenneth Myers is a Principal Architect with Unisys Federal leading their federal identity and access management solutions. He has more than 15 years of experience partnering with a variety of public and private organizations in breaking down complex challenges and implementing outcome-driven solutions. Kenneth is also former active duty Marine where he led communication and physical security teams globally. Kenneth is active in many local professional association chapters. He is a board member with the ISACA Greater Washington DC chapter and a member of the International Association of Privacy Professionals, Project Management Institute, and an Eagle Scout with the Boys Scouts of America. Connect with him on twitter or linkedin @IDMKen.

Bien Nguyen, Solutions Engineer, Deep Instinct

Bien is a Solutions Engineer at Deep Instinct where he consults his clients on using a defensive cyber security solution that harnesses the power of deep learning analytics, with real time prevention of cyber threats. He and his team are working to solve the problem of polymorphic viruses and prevention at the pre-execution stage before it impacts the attack vector. Bien believes that deep learning will not only enable us to prevent cybercrime, but will also help us understand human intelligence and mechanisms of human learning. His philosophy is to use a simple approach to solve complex problems.

Bien’s past speaking topics include: Mobile Threat Defense, Endpoint and IoT Ransomware Prevention, Security Beyond the Perimeter, Cloud SaaS Applications Security, and Prevention of 5th Generation Cyber Attacks

Dr. Diane Murphy, Head of Information Technology, Data Science, and Cybersecurity, Marymount University

Diane Murphy has a long and varied information technology career and was an early developer of expert systems, the precursor to today’s artificial intelligence (AI) systems. She has worked all over the world as an expert in chemical informatics, using expert systems to predict the biological and toxicological activity of chemicals. Since immigrating to the US, she has diversified her technology expertise in areas such as software development. data science, cloud computing, and cybersecurity. She has been at Marymount University as a professor since 2002 where she directs undergraduate, master’s, and doctoral programs in various technology fields including data science, cloud computing and cybersecurity. In 2020, she is one of the 12 recipients of the Commonwealth of Virginia (SCHEV) Outstanding Faculty Award.

Follow cytalks on twitter (https://twitter.com/cytalks) and visit our website (https://cytalks.com) to see all our upcoming events!

Date and Time

Location

Higher Education Center - NOVA Loudoun

21200 Campus Drive

Sterling, VA 20164

View Map

Save This Event

Event Saved