This constitutes the entire agreement between National Conference Services, Inc. (NCSI) and the company named below (to be referred to as Exhibitor), to exhibit on the following date(s) and place(s), for the sum of (total $ amount from below).
Please review the terms and conditions before proceeding further.
* indicates a required field
Your NCSI sales rep will calculate any discounts before processing payment or preparing an invoice. The discounts will be reflected on your final bill, not on this registration.
Please submit the name of the representative that should be listed in the program guide. Leave this area blank if you are registering for multiple events that will have different representatives.
The following information is required for Exhibit Listings. This information must be supplied upon returning this Application & Agreement.
For in person events up to 3 company representatives may staff your exhibit table during the expo. Some venues may have special COVID-19 related policies in place, and that number may be limited to 1 or 2 representatives. If you require more than 3 representatives you will need to purchase additional exhibit space. NCSI will only process event access information for up to 3 representatives.
I hereby consent to NCSI’s terms and conditions.
This will become a legal and binding contract subject to acceptance by NCSI.
Moderator: Frederick Johnson
Panelists: Tom Lam, ODNI; Charles (Chuck) Bellenger, ODNI; James Long, ODNI; Mac Townsend, ODNI
The Offices of the Department of Defense (DoD) Chief Information Officer (CIO) and Director of National Intelligence (DNI) Intelligence Community (IC) CIO are working together to deliver multi cloud services from “core to edge.” This forum will explore and illuminate key community findings and recommendations aimed at accelerating collective OCONUS cloud delivery. Panel discussion will also include the most up to date information regarding ongoing joint activities.
Presenters: Sean Miles, DIA; Stephen Lee, DIA; Adam Matthews, DIA
This presentation will introduce key DIA SCRM Senior Steering Group representatives from: CIO, OCI, OGC, CFO, SEC, and SCRM-PO. Moderated by CIO-SCRM, the Steering Group will lead a practical discussion on systemic supply chain risks and comprehensive risk-assessment reporting to support timely decision-making and risk mitigations. Steering Group members will dissect policies, controls, and processes when requesting DIA Supply Chain Risk Management services. Panel membership will also include a guest external customer – who will provide their perspective on the capacity to navigate DIA SCRM services, and receive ‘DIA SCRM Certs’ to support acquisition & deployment requirements.
Presenter: Ricky Clark, NIH
In May 2021, President Biden issued an executive order to strengthen and improve America’s cybersecurity. Known as “Zero Trust” the order called for federal agencies to wall off information technology (IT) systems behind a secure network perimeter. Two years later, federal agencies are “on the clock” and actively working to integrate Zero Trust architecture into their existing IT environment.
According to a recent report from General Dynamics Information Technology (GDIT), the “Agency Guide to Zero Trust Maturity,” civilian and federal agencies are making progress toward meeting zero trust but continue to face significant challenges in implementation, such as lack of IT expertise, identifying and prioritizing needs and concerns around repairing or rebuilding existing legacy infrastructure.
With a September 2024 deadline looming for compliance, what can agencies do to ensure they are compliant in 2024.
During this session, NIH Information Technology Acquisition and Assessment Center (NITAAC) will explore the barriers agencies face in realizing zero trust and identify solutions that exist within the confines of the NITAAC Government-wide Acquisition Contracts (GWAC)s.
The session will discuss the following:
• Overview of Zero Trust
• Common barriers agencies face
• Practical solutions within the NITAAC GWACs to help overcome them
Presenter: Cory Steer, NSA
As the U.S. Government shifts towards implementing a Zero Trust framework on its information technology systems, it’s essential that ICAM systems are deployed in a robust and defensible posture. Various attacks exist for exploiting existing ICAM technologies and processes. Defining threat models and secure processes for foundational identity and authentication services is critical to support the successful implementation across DoD & IC information systems.
Presenter: John Lee, NGA
Software is key to almost every NGA mission, which means NGA must provide its developers with the best tools to build, release, and operate software securely at the speed of mission. NGA’s Common Operations Release Environment (CORE) seeks to answer that requirement by providing a shared environment with a collection of integrated development and operational services for teams inside and outside of NGA. The beginning of CORE dates back to 2016, when NGA first delivered a modern Platform-as-a-Service for teams to build on. The capabilities grew over the years. Today’s version of CORE gives software development teams a common toolset to build software more reliably, efficiently, and securely on all domains. CORE currently has seven service offerings—DevSecOps, Platform-as-a-Service, API Management, Developer Experience, Continuous Monitoring, Workflow Orchestration, and Messaging—with ML Ops coming soon. This presentation will provide an overview of CORE services and how adoption of the CORE is facilitating fulfillment of the NGA Software Way strategy, as well as give some examples of mission capabilities delivered to operations through the CORE.
Presenter: Liza Briggs, USMC
Emerging technologies rely on a workforce that understands the importance of not only improving technology but also protecting it through actions such as reporting suspicious behaviors and activities. The presentation describes individual behaviors and work culture characteristics indicative of risk and threat from trusted insiders and unpacks reporting versus non-reporting behaviors. The presentation will also address cultural change strategies to build and maintain secure cyber landscapes through deliberate and ongoing engagement with people in ways that support the protection of our rapidly emerging technology spaces.
Presenter: Vanessa Hill, DIA
The ability to keep ahead of our adversaries is only possible with the right people, with the right talent, at the right time. This breakout session will discuss CIO’s Strategic Workforce Planning effort as a strategic investment priority utilizing an integrated repository, with a dynamic user interface, facilitating access to high-quality workforce data to enable accurate forecasting and enhancing decision-making.
Presenter: Graig Baker, DISA
DISA SD43 National Gateway Branch provides a range of assured messaging and directory services to a customer community that includes the Military Services, DoD Agencies, Combatant Commands (CCMD), and Other U.S. Government Agencies (OGA) and the Intelligence Community (IC). DISA is preparing to field the Organizational Messaging Service Java Messaging Service (OMS-JMS), a cutting-edge messaging and directory support solutions and services implementing the IC Message Service (ICMS) XML standard for hi-fidelity message formatting while continuing to support legacy ACP-127/128 gateway connections to provide seamless interoperability across our customer community for the preservation of National Defense. This presentation provides the messaging community an overview of the new DISA OMS-JMS solutions and services which are to begin fielding during FY24.
Presenter: Joshua Stageburg, SolarWinds
As Department of Defense (DoD) agencies work to manage some of the most complex IT environments, some are considering self-driving operations. To achieve full autonomy, agencies must have observability of the tech stack first. In this engaging session, Joshua Stageberg, Product Management lead for SolarWinds SaaS Observability Products, will explore how and why observability is a core tenet of self-driving operations and how it can overcome challenges posed by today’s IT environments.
Presenters: Katie Kalthoff, DIA; Jonathan Abolins, DIA; Joshua Burke, DIA
DIA Platform-as-a-Service (DPaaS) is an enterprise container management platform that provides an open ecosystem to build, integrate, and enhance applications and services to meet requirements for production mission capabilities. Containerized applications hosted on DPaaS environments benefit from scalability, built-in security, hybrid-IT capabilities, and infrastructure-agnostic deployments. DPaaS enhances a developer’s ability to focus on functionality, enabling mission applications to be rapidly prototyped, deployed, and moved at the speed of mission while reducing technical overhead. DPaaS is also a leading force in DIA’s effort to provide compute and storage services at Edge locations. DPaaS enables application developers to build once and deploy everywhere, meaning to multiple networks as well as to the Edge. Edge deployments are a necessity in the era of strategic competition where warfighters and decision-makers must be able to quickly access data and applications in low-bandwidth or disconnected areas. DPaaS is pushing deployments to regional and edge locations to enable mission support while making applications easier to manage. Edge deployments allow for fewer service disruptions to forward deployed intelligence personnel and continued operations during disconnected events. This greater flexibility and ability to meet mission need will be a driving factor for greater innovation within IC application development.
Presenter: Jamie Milne, NSA
Fine-grained attribute-based access controls (ABAC) are a fundamental component of zero trust architectures. Robust data tagging is an underlying necessity for implementing an enterprise ABAC solution. The National Security Agency will share lessons learned and future goals for their “Static Tags, Dynamic Policy” approach to designing and implementing robust data tagging to support fine grain zero trust access controls.
Presenter: Charles Bellinger, NGA
As part of NGA’s greater multi-tiered edge strategy, Joint Regional Edge Nodes (JREN) and Odyssey systems—designed to facilitate the movement of critical intelligence and data sharing—are being deployed to combatant commands. JREN is an innovative, highly scalable, next-generation edge node capability providing the foundation to support Sensor to Effect (S2E) and future ground architecture with multiple cloudlike layers to enable seamless interoperability and collaboration in both connected and disconnected states. Deployed in January 2022, JREN provides significant storage, computing power, transport bandwidth, and applications closer to the tactical edge. JREN will support expanding DoD, IC, and coalition customer requirements with AOR-specific content, GEOINT/partner applications, and high-performance computing. Odyssey is a forward-deployed system that provides access to applications and theater GEOINT data hosted on local servers to support users at the edge in the event of disconnected ops. Using a combination of hardware, apps, data, and products, Odyssey deployments are available via a web browser established on theater users’ networks and connected back to NGA. This presentation will focus on design considerations such as increased resiliency in Denied, Degraded, Intermittent, and limited bandwidth (DDIL) environments via direct satellite downlink; reduced transport latency; and use of NGA’s Common Operations Release Environment to develop, deploy, and operate modern GEOINT software. This presentation will also highlight how automation, artificial intelligence, and other JREN and Odyssey services are prepared for the exponential growth in intelligence sensors and collection capabilities.
In today’s digital age, websites and applications have become an integral part of our daily lives and the digital landscape has transformed the way we interact with the world. However, not all users have the same abilities, and it is crucial to ensure that digital experiences are inclusive and accessible to everyone, including those with disabilities. DIA’s first-ever 508 IT Accessibility lab promotes a more inclusive and diverse digital environment, where everyone can participate and benefit from digital experiences by ensuring products are usable and accessible to all users. Come join us to learn how DIA is developing and testing capabilities, such as improved closed captioning on multiple platforms (VTC, SVTC, and DVTC) to leveraging virtual desktop to host a lightweight application that provides translation capabilities to support DIA’s multilingual Deaf and Hard of Hearing (DHH) members, and more. Incorporating accessibility testing into your digital product development process, and embracing the power of accessibility testing and training, unleashes the full potential of your digital products and creates a more inclusive digital environment for all users.
Presenters: Jonathan Abolins, DIA; Katie Kalthoff, DIA; Joshua Burke, DIA
Hybrid IT provides a solution that combines the capabilities of commercial cloud, government-owned data centers, and edge devices into one single capability. By using Hybrid IT, the Defense Intelligence Enterprise gains the flexibility to leverage the advantages of each service model to address the needs of different mission sets. A mix of cloud and on-prem provides improved disaster recovery capabilities, higher availability, and the ability to access mission-critical applications and data from anywhere, even in disconnected locations. However, hybrid and multi-cloud architectures pose unique security challenges and require a different approach than what solely on-prem environments or single clouds require. Without additional protections, we face the risk of fragmented security solutions and a decrease in threat visibility. The Defense Intelligence Agency protects enterprise and customer applications with a security service mesh which provides zero-trust enabled capabilities such as authorization and access control, network segmentation, end-to-end encryption, and continuous monitoring. The application networking layer provides baked-in security from development to production and enables threat monitoring across fragmented application networks and clouds.
Presenters: Kevin Shaw, Guidehouse; Christine Owen, Guidehouse
The Executive Order on Improving the Nation’s Cybersecurity (EO-14028) was released over two and a half years ago. While the EO rapidly accelerated programs across the federal government, we are now in a position to reflect and look to the future of Zero Trust. We will share lessons learned from real-life Zero Trust deployments (including what has worked, what hasn’t) and how organizations can and should continually evolve and adapt their program.
Presenter: Gina Scinta, Thales Trusted Cyber Technologies
Quantum computing’s impact is likely to be large—the potential computational power could render today’s encryption algorithms obsolete. Attend this session to learn how to start the transition to quantum-safe cryptography and the key factors to consider when preparing for a quantum-safe encryption strategy:
• How long-term data is subject to early attacks
• Key initiatives that address the quantum threat
• What to look for in a quantum-resistant crypto solution
• How to design a quantum resistant architecture
Presenter: Tim Wood, DIA
The Defense Intelligence Agency is developing the Machine-assisted Analytic Rapid-repository System (MARS) to transform the management and production of intelligence on foreign military capabilities. This briefing will provide an update on MARS development efforts and discuss some of the lines of effort toward full operating capability.
Presenter: Bailey Bickley, NSA
Defense Industrial Base (DIB) companies are relentlessly targeted by our adversaries, who seek to steal U.S. intellectual property, sensitive DoD information and DIB proprietary information to undermine our national security advantage and economy. NSA is working to contest these efforts by providing no-cost cybersecurity services to qualifying DIB companies. NSA’s services are designed to help protect sensitive, but unclassified, DoD information that resides on private sector networks by hardening the top exploitation vectors that foreign malicious actors are using to compromise networks.
Eradicating cybersecurity threats to the DIB is an NSA priority. NSA’s Cybersecurity Collaboration Center (CCC) provides no-cost cybersecurity solutions for qualifying DIB companies. These solutions are easily implemented and scalable to protect against the most common nation-state exploitation vectors and are designed to help protect DoD information and reduce the risk of compromise. These services include Protective DNS, attack surface management, and access to NSA non-public, DIB-specific threat intelligence. Our pilot program is evaluating additional services for release.
Hundreds of industry partners of all sizes and complexities have already signed up for NSA’s cybersecurity services, which has helped protect these networks against malicious cyber activity. The no-cost cybersecurity services have also assisted with the early identification, exposure, and remediation of multiple nation-state campaigns targeting the DIB.
Presenter: Andrew Heifetz, NGA
With the rise of Commercial Cloud Environment (C2E), programs have the potential to use services from multiple Cloud Service Providers (CSPs). Multiple CSPs can decrease cost through competition and increase innovation by providing exquisite and unique services. However, developing for a multiple cloud environment is fraught with challenges including data gravity/portability, lack of interoperability standards, multiple cloud knowledge gaps, and security accreditation. In order to address these challenges and prepare for C2E, NGA conducted several multiple cloud pilots and will share the lessons learned as well as recommendations to prepare for multiple cloud development. This presentation is important for anyone considering multiple clouds and hybrid environments.
Moderator: Bob Crawford
Panelists: Randy Resnick, DoD; David Voelker, DoN; Jennifer Kron, NSA; Ben Phelps, ODNI; Evan Kehayias, NGA
This session is essential for attendees responsible for or in roles related to defending against the growing, sophisticated Cyber threats the DoD and IC face. To strengthen our defenses, a Zero Trust Architecture (ZTA) will be implemented across the DoD and IC. To enable this, sound strategies with support from a ZT Architecture (ZTA) will help to guide the DoD and IC to accomplish Zero Trust maturity from basic, to intermediate, to ultimately advanced levels over the next five years.
The Office of the Intelligence Community Chief Information Officer (OIC CIO) developed a comprehensive Zero Trust (ZT) strategy and framework. The framework was developed by the IC ZT Steering Committee (ZTSC) and approved by all 18 IC elements. This session will focus on the tenets of the framework to include 31 capabilities, 4 maturity models, 7 pillars, and the IC ZT Architecture.
DoD has developed their own robust Zero Trust framework. Working collaboratively the IC and DoD must implement Zero Trust, improving overall Cybersecurity while maintaining interoperability and data sharing capabilities.
In this panel discussion, cybersecurity experts from the DoD and IC will discuss both the challenges and opportunities to significantly improve information protection capabilities and implementations by adopting the Zero Trust approach — “never trust, always verify, assume breach” — to protect U.S. national security assets.
Presenters: Marissa Snyder, DIA; Lauren Hix, DIA; Lisa Schrenk, DIA
Vintage is in, but not when it comes to payroll and benefits. Operating in a 20+ year-old IT system, DIA’s Office of Human Resources (OHR) current processes are overly complex, manual, and siloed. This resulted in incomplete, inconsistent datasets and slow reaction times to pivot the HR apparatus to mission needs. Even more importantly, this has taken DIA employees away from mission by burdening them with mundane administrative tasks. Soon, all of this will fade into history (like disco)!
Propelled through the HR Modernization investment, we’ve taken revolutionary steps to transform DIA’s HR infrastructure to strengthen DIA’s mission posture for strategic competition. We invite you to learn more about our efforts and how we’ve gleaned helpful, data-driven insights from various studies of our workforce, networking with Department of Defense (DoD) and Intelligence Community (IC) partners, and engaging with commercial entities.
This transformative shift requires a whole-of-agency cultural change to scale our capabilities for future needs. The modernization and overhaul of DIA’s HR is centered around creating exceptional employee experiences, reducing process timelines, increasing data quality and transparency. Cutting through the chaos created by a constrained and outdated infrastructure, HR Modernization is enabling DIA to put the right people in the right place, with the right skills needed to execute the mission.
Presenter: John Boska, DIA
Many government processes are lengthy and time-consuming, including the process of taking an application from development to production on government hosted networks. This poses a problem for mission-critical applications for which speed and efficiency is essential for getting information to intelligence personnel in the era of strategic competition. DIA’s Capability Delivery Pipeline (CDP) was created to simplify and modernize application development in the IC. CDP is a streamlined software development pipeline which embraces the DevSecOps methodology and industry standards. CDP will streamline the Authority to Operate (ATO) process, incentivize continuous integration and delivery (CI/CD), and abstract much of the overhead that comes with developing and deploying applications – including built-in security, governance, and hosting. CDP’s strategic goal is to provide one ecosystem used for secure software, hardware, service development, testing, and deployment spanning DIA’s Unclassified (IL5), Secret (IL6), and Sensitive Compartmented Information (SCI) networks. CDP also aims to bring in more cloud service providers to DIA to allow for infrastructure-agnostic development and reduce costs of development by eliminating duplicate services and capabilities. This pipeline will enable max capability for DIA customers and stakeholders and increase information sharing with agency partners and foreign allies. Ultimately, CDP empowers DIA to accelerate the delivery of capabilities and services to obtain a competitive advantage against our adversaries.
Presenter: Chris Cyr, Sterling Computers
A full featured platform targeted for next generation wireless evolution that eases developer onboarding and algorithm development in real time networks. The development of future communication systems depends on the availability of a programmable end-to-end (E2E) research and innovation platform. Including network elements that are programable with rapid simulation, prototyping and benchmarking of experimental Machine Learning based algorithms and techniques.
Moderator: Ramesh Menon
Panelists: Robert Lawton, ODNI; Dr. Abby Fanlo, CDAO; Elham Tabassi, NIST
As AI becomes increasingly more prevalent and advanced, the potential to positively impact every sector of our society has become apparent. While AI technologies have created tremendous efficiencies in how we live, think, and choose to invest our time and energy, it also has the potential to harm those that use it if not properly managed. The risks can become especially high when AI is used for critical national security missions. As the Department of Defense (DoD) and Intelligence Community (IC) continue to adopt AI as a disruptive technology used to advance warfighting and intelligence gathering capabilities, it is imperative that we trust AI that is being used for these critical national security missions. On this panel, you will hear from experts spearheading the AI Ethics initiatives that will affect industry, DoD, and IC. Topics discussed will include the new AI Risk Management Framework, DoD Ethical AI Principles, and how these will affect how we use and create trustworthy AI systems. Panelists include AI Ethics experts from the Chief Digital and Artificial Intelligence Office and National Institute of Standards and Technology. This panel will be moderated by DIA’s Chief Technology Officer, Mr. Ramesh Menon.
Moderator: Sudhir Marreddy
Panelists: James Long, NGA; Ben Davis, ODNI; Amy Heald, CIA; Dylon Young, OUSD (I&S)
This session will be a must-attend breakout for attendees to gain an understanding and perspective of the emerging technologies that present both threats and opportunities for U.S. national security. The panelists will include participants from both the DD and IC covering rapidly emerging technology areas such as AI/ML, Cloud, Cybersecurity/Zero Trust, Data, Digital Foundations, Interoperability, Networks, and more.
With adversaries on the cusp of surpassing the U.S. in the near future, challenging our technological leadership, this panel will discuss the existential threat of rapidly emerging technologies. We will explore how we can both protect U.S. national security and prevent our adversaries from gaining access to, acquiring, developing and advancing their capabilities while we leverage those same capabilities.
Presenters: Col Michael Medgyessy, USAF
DAF CLOUDworks provides Enterprise and Security Services (IaaS), Platform as a Service (PaaS) and Collaboration tools (SaaS) to the DoD and AF IC. Partnered with Platform One, we provide DevSecOps pipelines across the Unclass, Secret and Top Secret cloud environments. Using our Operational DevSecOps for ISR NEXGEN (ODIN) platform enables your developers to focus on your application instead of underlying infrastructure. Our enterprise services reflect the security guardrails our Authorizing Official set forth. We are constantly iterating and adding common services to bring max value to our customers across the DoD and IC.
Presenters: Chris Folchi, DIA; Ronnita Lyons, DIA
Consistent with the theme of Chaos to Clarity, leveraging emerging technologies, this presentation will lead a practical discussion on developing and implementing a governance model with executive sponsorship that enables long term sustainability of software platforms and better decision making when it comes to selecting an appropriate IT solution for their automation needs.
Fine-grained access control is a core component for enabling mission systems to implement advanced zero trust architectures. GATEKEEPER is the proprietary solution developed by the National Security Agency to implement mission-based entitlement management and is available to partners. GATEKEEPER’s configurability empowers mission owners by decoupling need to know access from organizational structures. This foundational design decision further enhances the ability of mission owners to enforce fine-grained access controls on their mission data.
Presenters: Tomas Monell, USSOUTHCOM; Jacob Webster, USSOUTHCOM
Presenter: Dan Hetrick, ODNI
Building clarity into a shared vision by defining the chaos. What does DEIA have to do with aligning a workforce? Diversity, Equity, Inclusion, Accessibility. Regardless of how one sees the message of DEIA, amazing potential rises by aligning organizational mission with DEIA principles.
This presentation will highlight 10 ways to begin building a mindset under the Universal Principles within DEIA that will create a vision that drives mission to produce these benefits (at minimum), including better informed leaders in tune with the workforce, effective decision making, a shared vision that everyone supports, better products usable by everyone, Innovation, Security, Risk Mitigation, effective succession planning, and finally… A model of excellence for everyone to follow!
Moderator: Ramesh Menon
Panelists: Eric Ostby, Aliro Quantum; Brandon Rodenburg, MITRE; Terry Halvorsen, IBM; Pete Shadbolt, PsiQuantum
As an emerging and disruptive technology, quantum computing is increasingly important to national security as the Defense Intelligence Agency focuses on Strategic Competition. The quantum panel includes perspectives from industry and research and development quantum experts with a focus on applications of quantum computing, quantum networking, major players in the quantum realm, and how we can collaborate to enhance quantum technology to meet the demands of Strategic Competition. Panelists will include subject matter experts from the Aliro, MITRE, IBM, and Psi Quantum. This panel will be moderated by DIA’s Chief Technology Officer, Mr. Ramesh Menon.
Moderator: Shannon Paschel
Panelists: Elciedes Dinch-Mcknight, DIA; Katie Lipps, DIA; Dr. Rosemary Speers, DIA ; Lori Wade, DIA
CIO is trying to foster a growth mindset to drive organizational change in culture and structure by making a concerted effort to develop and promote leaders from within and to fully utilize the talents of executive women for more diverse leadership. Addressing barriers and challenges experienced from various types of discrimination and bias based on the intersection of gender, race, and other personal characteristics. CIO Women in Leadership Program showcases a panel of women leaders who share their experiences and successful strategies to advance their careers at DIA-CIO. A key to success for women to achieve Senior Executive Levels at CIO is allyship and advocacy. According to research and organizational best practices, inclusive behaviors and communication patterns from all employees and leaders create inclusive organizational cultural change.
Presenters: Cory Steer, NSA
Cryptography is the cornerstone of securing communications, protecting critical intelligence data, and trusting digital identities. The dawn of quantum computing has put current asymmetric encryption algorithms in jeopardy of being compromised. Leveraging partnerships to define, develop, and deploy solutions supporting post quantum resistant algorithms is crucial for continuing to secure America’s vital equities.
Presenters: Sonny Hashmi, GSA; Brian Shipley, Navy; Chris Hamm, GSA
Government procurement is often a complicated business. Between budget issues, Federal Acquisition regulations (FAR), and mission-critical needs, getting the products and services you need in a timely and straightforward manner is challenging at best.
Hear from customers and users who balance these requirements every day and help make it easier to get technology to the mission at the speed of need. The discussion will focus on the acquisition space and how partnerships between federal agencies can make it easier to rapidly field emerging technologies and do business with and across government.
Presenter: Dan Ortiz, Intelsat
Deployment and coordination of satellites across various orbits – Low Earth Orbit (LEO), Medium Earth Orbit (MEO), Geostationary Orbit (GEO) – play a pivotal role in maintaining global security. In this session, we’ll discuss how evolving multi-orbit satellite and terrestrial network solutions can efficiently bolster our defense infrastructure and equip future forces across allied operations to gain and keep the advantage in changing threat environments. We’ll cover how innovative software-defined satellite and space-based optical network technologies can be leveraged for missile detection and tracking systems, real-time surveillance, secure resilient communications across domains, military IoT and sensor networks, and AI-driven edge analytics.
Presenter: Stephen Kensinger, DIA
DIA is taking a holistic approach in reviewing and modernizing all of its provided services for Zero Trust to support the demands for its future data-centric architecture. This discussion will include how the agency is approaching Zero Trust to be a mission enabler for the Enterprise. This DIA vision includes efforts to streamline the Risk Management Framework (RMF) by integrating results through Zero Trust enabled technology/services and modernized processes. Although focus has been for near term maturity requirements, the team has started to explore the integration of machine learning to contribute to this streamlining effort. It will also delve into the planning and prototype efforts that the DIA Zero Trust team has led for development and integration of core cyber services to provide entitlements access to properly tagged data objects. The DIA Zero Trust team has partnered with DIA mission stakeholders and our Chief Data Office to begin to address these challenges and to convey to the workforce the new value these modernized DoDIIS services will offer to mission.
Presenter: Robert Williams, DIA
The Defense Intelligence Agency’s Analytic Innovation Office will discuss the AI Roadmap for All-source Analysis, which adds clarity and cohesiveness to the all-source analytic modernization process. The Roadmap provides a comprehensive and applied approach to artificial intelligence (AI) that spans experimentation, quality and tradecraft assurance, AI skills and digital literacy development, and business process improvements – aspects that were largely fragmented until now. The Roadmap achieves clarity from chaos by tightly aligning six key objectives that address the application of applied AI methods to mission, building an AI-ready analytic workforce, and equipping AI practitioners with a framework for ensuring compliance with analytic tradecraft standards. Hear about the critical challenges such as systematically upskilling an analytic workforce, accelerating the development of an AI-ready workforce by reducing the skills gap with low code solutions, and assessing analytic workflows at-scale to identify optimal human-machine-teaming opportunities. Other challenges include accessing data in ways that enables the leveraging of machine learning methods at-scale, and pivoting from reactionary to predictive analytics. You will hear about aspects of AI adoption through the lens of an organization responsible for leading analytic modernization, that will leave the audience and industry participants with an appreciation for the unique challenges of achieving AI-readiness within an all-source analytic organization.
Presenters: Peter Guerra, Oracle; Josh Tatum, Oracle
Tactical edge capabilities enable organizations to extend cloud services and applications to the edge. This allows for improved performance, security, and availability of applications and services, as well as to collect and analyze data at the edge, which can provide real-time insights and decision-making capabilities in connected and disconnected environments. Tactical edge capabilities, across classification boundaries, allow the warfighter to obtain situational awareness through edge compute, AI, and security where needed. This talk will walk through the use of tactical edge within the DoD and IC to present real world use cases.
Presenters: Theresa Kinney, NASA; Kanitra Tyler, NASA; Jeanette McMillian, ODNI; Lisa Egan, DIA
US Government Employees Only. Welcome to “The Exchange”; an internal, selective government-only community of intelligence and non-Title 50 agencies dedicated to initiating practices that help secure government-wide supply chains. It is where agencies and programs demonstrate and share their best practices towards mobilizing unique agency missions and authorities to mitigate risk. This panel of community members will inform and educate USG participants of opportunities and resources to help them secure IT supply chains at their agencies; moving from the Chaos of Risks and Threats to the Clarity of Actions that help address active management of supply chain risk.
Presenters: Kalib Mata, DIA; Heather Scarpato, DIA
The IT landscape across the US Government is uniquely complex and integration is key to national interests, security and collaboration. DIA offers recognized TS/SCI IT and security compliant expertise to meet current and emerging IT needs across broad customer sets. As part of CIO customer engagement, the CIO Senior Representatives (CSRs) and the DoDIIS Modernization Program Office (DPO) team ensure a seamless customer journey from requirement intake through fulfillment and sustainment.
Presenters: Ben Davis, ODNI; Ron Ripper, ODNI; Colonel Christian Lewis, ODNI
The Intelligence Community Information Environment (IC IE) and the Department of Defense Information Network (DoDIN) underpin IC and DoD missions. Today, we are more dependent on and also more vulnerable to attacks on assets in cyberspace than we have ever been. The benefits of emerging and over-the-horizon technologies are immense, but also introduce new attack vectors for malicious cyber actors. The partnership between the IC Security Coordination Center (IC SCC) and Joint Forces Headquarters DoDIN (JFHQ-DoDIN) is vital to defending the Nation’s most secure networks and critical national security information. Both organizations will discuss their mission, their partnership, and seek opportunities to extend the partnership to the broader USG, and harness the power and expertise our industry partners bring to bear.
Presenter: Brandon Little-Darku, NSA
Our competitors are increasingly and deliberately seeking to erode U.S. advantage. Next Generation Encryption (NGE) is aggressively challenging present-day norms to ensure the Joint Force and the Intelligence Enterprise will deter adversaries and prevail in tomorrow’s conflict. Building enduring advantages involves five key focus areas – (1) Transform the Cryptographic Foundation, (2) Make the Right Technology Investments, (3) Adapt and Fortify our Cryptographic Ecosystem, (4) Strengthen Resilience and Adaptability to Match Pacing Threat, and (5) Cultivate the Workforce of the Future.
Presenter: John Gibbons, AT&T
In the Intelligence Community (IC), a fast-changing global security landscape is creating unprecedented operational pressures. Companies such as AT&T are continuously investing in infrastructure to optimize day-to-day operations to keep pace with global demand. IC agencies can leverage these commercial innovations to accelerate their own digital transformation. This presentation will cover the network trends and technology limitations that have driven AT&T’s network evolution approach, and the underlying technology that underpins AT&T’s network modernization efforts.
Looking to increase your data sharing and help your data find a new mission user base? Do you have limited data acquisition resources and want to take advantage of what the DoD and IC already have to offer? Explore how IC Data Services can assist your Agency/Organization to make your data discoverable, accessible, usable, and interoperable. IC Data Services, an ODNI Service of Common Concern, is foundational to enabling IC organizations to move forward on IC Data Strategy and component data strategy, gaining organizational efficiencies and mission outcomes in the process.
Presenters: Kathy Bryant, DIA; Kim Davila, DIA; Deb Melancon, DIA
Introduction to DIA provides small businesses information on interacting with DIA, an overview of DIA’s small business goals, how to do business with DIA (the basics), programs such as 8(a), Mentor Protégé Program, where to find opportunities, upcoming conferences, and events.
Presenter: Michael Campbell, Privoro
The modern smartphone revolutionizes the way life and business is conducted around the world. Unfortunately, in DoD, mobile devices are either banned or used with great operational security risk. Good news. The Government has worked with industry to create a solution that allows smartphone use in classified spaces and provide 24/7 enhanced operational security. This presentation tells the story of how DoD can finally trust smartphones. No more phone lockers!
Presenters: MJ Belgard, DIA; James Elliott, DIA
This presentation will provide an overview of cyber threat intelligence through a concept called pivoting. We will discuss how to hunt for advanced persistent threats using multiple third-party tools and data sets, so cyber defenders can contribute in helping to identity infrastructure associated with cyber threat actors.
Presenters: Katie Lipps, DIA; Marlene Kovacic, DIA
Are you an industry provider of hardware, software, and/or services? Come learn how you can partner with DIA to protect yourselves from threats posed by adversaries in order to become a stronger and more secure partner supporting Agency and CIO top initiatives. This session will focus on what elements of your organization you need to be focusing on, high level concepts you can implement, and how your improved security posture benefits your partnership with DIA.
As part of the DoDIIS Conference this year, NASA SEWP has been authorized to offer attendees an exclusive, in-person training session bringing Government agencies and industry providers together to dig into the world of SEWP. Pre-registration is required and is only available to participants of the DoDIIS Conference.
During this training you will be able to explore emerging federal acquisition trends and gain valuable insights about our diverse range of products and services directly from the SEWP Program Management Office (PMO). We are delighted to offer a comprehensive demonstration of our cutting-edge web tools. This engaging session will equip you with the most up-to-date knowledge and ensure you are fully proficient in utilizing our advanced online resources. We want to empower you with the tools you need to succeed and stay ahead of the curve.
This training is designed for both newcomers to SEWP and those seeking a refresher. Don’t worry if you’re unfamiliar with SEWP; we’ll guide you every step of the way. Plus, your attendance will earn you 4.0 Continuous Learning Points (CLPs) It’s an opportunity you definitely don’t want to miss!
10:00am – 12:30pm: Training Session (please arrive a few minutes early to be checked in prior to the training)
Pre-Registration is required and limited to 100 participants! Reserve your space here.
This panel brings together high-ranking combatant commanders to discuss the practical integration of advanced technological systems, including AI and automation, within operational theaters. The commanders will discuss tactical implications of these technologies, their impact on mission-critical decisions, and the DoD’s strategic vision for their future deployment.
In this fireside chat we are going to have a conversation with two of the DoD’s premier R&D organization’s senior leaders. We will be covering topics such as SAP IT, cybersecurity, risk, mission, and policy. You are going to want to come to this chat to understand how well we are communicating at the most senior levels, where our community can do better, what keeps them up at night, and the challenges imposed by R&D.
The Secretary of the Air Force Concepts, Development and Management Office (CDM) Mission Architecture Division will present an overview of FENCES, a DoD Managed Service Provider (MSP). The platform offers a secure cloud hosting environment for Special Access Programs at any classification level. The presentation will provide an overview of the platform and provide example use cases from across the Air Force. Attendees will also learn about the Upcoming Enchantments to FENCES and process for on boarding.
Derek Claiborne, Chainalysis
Jackie Koven, Chainalysis
Web3 is all about innovation and collaboration – but with that comes heightened risks. Chainalysis has a commitment to creating a safer environment for all who enter the world of Web3. In this discussion, we will explore blockchain’s potential in addressing challenges faced by our warfighters. The evolving threat landscape involving strategic competitors, rogue nations, and terrorist groups is examined, with a particular emphasis on their exploitation of cryptocurrencies for illicit activities. The role of blockchain technology in countering these threats is then elucidated, showcasing its characteristics like decentralization and transparency.
This includes a deep dive into using blockchain for geolocating threat actors and tracking illicit activities. International collaboration and the integration of blockchain-based intelligence into defense strategies are discussed as well. Challenges, considerations, future prospects, and recommendations for blockchain adoption in cybersecurity and defense form vital segments of the discourse, ultimately underlining the significance of embracing emerging technologies like blockchain to empower warfighters and enhance national security in an ever-evolving digital landscape.
Audiences will gain a comprehensive understanding of how blockchain technology can effectively address blockchain-enabled threats and enable the geolocation of threat actors in the realm of cybersecurity and defense. They will also recognize the pivotal role of international collaboration and blockchain integration in bolstering national security efforts across evolving global challenges.
Harry Cornwell, Palo Alto Networks
Delivering zero trust at an enterprise level begins with a fundamental change in how the DoD builds its cyber security architecture to prioritize both security and performance. Zero trust is built upon the foundation that there is already a malicious actor or compromised data or devices within the enterprise. This assumption creates a need for a process of continuous validation of users, devices, applications, and data in an entirely controlled and visible manner. With Palo Alto Networks’s Zero Trust Network Access 2.0 (ZTNA 2.0), coarse-grained access controls based on an “allow and ignore” model is left behind to introduce a consistent least-privilege access control model focusing on application layer security inspection.
Josef Allen, USAF
Adam Gruber, Applied Insight
Those defending our nation depend on access to accurate, timely information – and must manage large amounts of data from more sources now than at any other point in history. Disparate data sources, networks, and classification levels currently make it impossible for users in SAP and CAP environments to view data within a single standardized and normalized lens, limiting mission agility and increasing the time between data ingest and incorporation into command decisions.
To overcome these limitations, mission teams must currently develop custom tools and rely on manual processing of information to aggregate data and inform decisions. Feature gaps in pre-existing cloud capabilities within SAP environments further inhibit Guardians and other teams from efficiently leveraging cutting-edge technological capabilities to satisfy mission requirements, such as real-time data streaming, access to native cloud resources, and multi-cloud capabilities.
Providing holistic data processing in SAP environments presents three major challenges: data transfer across and between classification fabrics, data access governance, and multi-tenancy. Additionally, implementing a fully comprehensive Zero Trust Architecture is paramount.
This problem is complex, but with the right tools it is solvable.
To accelerate data sharing to mission teams in a Common SAP across classification fabrics and disparate networks, USSF built a highly scalable, multi-tenant, ATO’d environment – empowering program teams to migrate critical mission workloads to the cloud while maintaining logical separation of those workloads. Additionally, the USSF team designed and implemented a cutting-edge data management capability that enforces Zero Trust access to data assets leveraging a cloud-based architecture.
Douglas Gourlay, Arista Networks
In this presentation, we delve into the challenges and possible solutions when designing a unified, multi-domain network architecture that seamlessly integrates a diverse range of platforms: GEO & LEO satellites, airborne platforms, terrestrial networks, GovCloud transit, and trans-oceanic cables. This architecture not only ensures dynamic, encrypted, and secure multi-access networks, but also incorporates a self-healing fabric that can adapt to signal-denied environments while reducing operational load.
Complementing this vision, we will explore the paradigm shift from legacy network operating models towards a software-centric ‘modern operating model’. Here, configurations are procedurally generated by automation that incorporate variables from multiple discrete systems-of-record. We also simulate network changes in a virtual twin environment, deploy to the network upon completion, and generate comprehensive documentation of the change.
The National Institute of Standards (NIST) has released several Post Quantum Cryptographic Algorithms planned for standardization in 2024. The National Security Agency has announced the Commercial National Security Algorithm (CNSA) Suite 2.0. The executive branch has released NSM-10. What does this mean for the SAP community?
Dr. Whitfield Diffie, Dr. Robert Campbell, and Mr. Charles Robinson will discuss what this means for SAP program managers and how they can effectively plan for the upcoming migration to post quantum cryptography. The Panel will discuss current and past cryptography role outs.. The panel will discuss process, landscape, and do a deep dive of the underlying cryptography. The panel will explore past cryptographic migrations best practices and discuss what’s different now. A discussion on what government organizations should be aware of when migrating to the new Post Quantum Cryptography Algorithms. We will discuss of best practices guidelines that NIST NcCOE program is developing to support implementation and transformation of government IT environments. Finally, some consideration of the strategy and a tactical construct SAP program managers should consider when migrating to a Quantum Safe enterprise.
In this session, we will delve into the transformative impact of Infrastructure as Code (IaC) models on modernizing network operations within the Department of Defense and Intelligence Community. The focus will be on leveraging procedural generation and IaC models for creating networking configurations, coverage-guided automated testing, and self-generating documentation. These techniques, integrated across a next-generation WAN, Campus, and Data Center reduce the complexity inherent in traditional networking configuration. This approach fosters the creation of repeatable design patterns that automate efficiently at scale and facilitate the generation of digital twin environments for functional testing and staging deployments.
Then we will discuss and demonstrate a practical application of these models and technologies in deploying and operating a global WAN, encrypted with quantum-safe/secure cryptography, with trusted and measured/attested secure booting of each router, and utilizing a combination of networks including geostationary and commercial low-earth orbital satellites, LTE/5G, free-space photonics, public and private MPLS services, dark fiber and wavelength services, submarine transoceanic cables, and cloud provider backbones.
Artificial Intelligence and Machine Learning (AI/ML) applications in cybersecurity sensing are heavily focused on threat detection by identifying abnormal indicators and eliminating false positives. The mathematical techniques used to achieve this have converged, with most applications still focused on perfecting existing algorithms. However, there are many aspects of human cognition which are not captured by AI/ML algorithms as they are applied today. Creativity, intuition, contextualization, topology, and even the special theory of relativity are emerging perspectives for AI/ML. New approaches are critical to “level up” our current sensing tools, and create the next generation of advanced artificial intelligence-driven cybersecurity.
In most discussions about the digital divide, we’re referring to the fact that approximately one-third of the world’s population lacks access to the internet. We often associate it with developing countries and attribute it to factors such as economics and infrastructure. The negative consequence of this digital divide in the information age is that we leave behind individuals and entire communities. As cloud technologies become central to everyday life, that divide grows wider. Ironically, although the SAP community works on the most bleeding-edge technologies for our warfighters, it also suffers from being on the wrong side of a similar digital divide. In this session, we’ll look at how we can close the digital divide for the SAP community.
Many agencies are running on less reliable, less feature-rich fortressed versions of commercial clouds. With a more modern approach to the cloud, governments can gain the agility that today’s most resilient businesses use to serve their missions, while keeping data protected.
Join Ms. Leigh Palmer (VP, Technology Strategy and Delivery at Google Public Sector) and Mr. Brian Morrison (Vice President and General Manager
Cyber Systems, General Dynamics Mission Systems) in this session to learn about the latest innovations in multi-cloud capabilities, allowing governments to enable analytics and AI, security, and collaboration at the edge.
A view into DoD Zero Trust standards (capabilities and activities), emerging technology needs for accelerating ZT adoption, ZT Implementation Plans, and Near-Term Milestones understanding that these technological and cultural change hinge on close collaboration among academia, industry, research labs, and government.
To ensure the security of our nation, the defense and intelligence communities work tirelessly to maintain a strong advantage, and AI is an important differentiator in this endeavor. Fully integrated artificial intelligence solutions can create a decision advantage against our adversaries, improve strategic and tactical readiness via improved fleet health and resilient logistics, and dramatically improve the effectiveness of cybersecurity initiatives. Come hear Ed Abbo, President and Chief Technology Officer of C3 AI, share how commercial and government leaders are harnessing Gen AI for next generation national security solutions to safeguard our nation.
Scott Devitt, General Dynamics Mission Systems
Brian Newson, General Dynamics Mission Systems
The GDMS Chief Engineer for Multilevel Security, Scott Devitt, will demonstrate and explore real-world SAP use cases with MLS containers for DE Environments. During his 37 years with General Dynamics, Scott has designed, built, installed, and maintained classified capabilities for the DoD and IC including operational mission cells supporting forward locations with multiple stove piped networks at different classification levels. His presentation will highlight the value of a DE polyinstantiated or containerized framework in safeguarding SAP data and the benefits of leveraging a multilevel file share when working across multiple connected classified environments. It will also discuss the challenges faced in integrating the innovative capability into legacy stovepipe SAP networks with existing applications and explore potential solutions.
In summary, these three leading edge MLS DE design patterns present a robust set of solutions to the growing challenge of collaborating and working effectively in the ever-complex SAP community. By leveraging this capability, organizations can bolster security, consolidate costly licenses across networks and safeguard their most valuable data while also dramatically improving user operational efficiency on their primary network. By employing containerized applications, data transfers between networks are eliminated, reducing the risk of information leakage through unauthorized channels.
Dr. Mattikalli will present current and strategic industry trends in key technologies related to AI/ML, IT modernization, and system sustainment. Specifically, this session will discuss key technology trends with emphasis their application to special access programs within the context of need for system security, strict cybersecurity compliance and acceptance of risk profile, while meeting the needs for rapidly experiment with asymmetric capabilities and deliver new technologies at scale.
This session will discuss the impetus behind SAP Enterprise Reform (SER); provide an overview and status of current SER initiatives, to include SAP architecture and policy changes; and identify SER next steps.
Operational Technology (OT) plays a crucial role in controlling industrial processes and our critical infrastructure. However, with the rise of the Internet of Things (IoT) and increased connectivity, OT systems face amplified cyber risks. Historically isolated, these systems now often intersect with IT networks, making them vulnerable to threats, especially given their outdated software and the difficulty in patching them. The stakes are high: cyber-attacks on OT can disrupt power grids, halt manufacturing, and pose significant safety threats. Addressing these concerns requires a holistic strategy, integrating both OT and IT cybersecurity measures. As we advance in this digital age, it’s imperative that we prioritize and invest in the protection of these vital systems.
In the presentation “Breaking Barriers with Generative AI: Enhancing Systems Security and Data Sharing for the Warfighter,” we will explore the transformative potential of Generative AI in the context of emerging technologies to support the warfighter. This presentation directly addresses the theme of the conference, which focuses on the intersection of systems security, access management, and data sharing.
The Department of Defense (DoD) should care about the application of Generative AI because it offers a unique opportunity to overcome existing barriers and enhance the DoD’s systems security and data sharing capabilities. Generative AI has the power to revolutionize the way the DoD operates by enabling the creation of synthetic data, generating realistic scenarios, and simulating complex environments. This technology can significantly improve training, testing, and decision-making processes, leading to more effective and efficient warfighter operations.
By leveraging Generative AI, the DoD can enhance systems security by simulating and identifying potential vulnerabilities, predicting and countering cyber threats, and developing robust defense mechanisms. Additionally, Generative AI enables secure and controlled data sharing, allowing the DoD to collaborate with partners, share information across agencies, and leverage collective intelligence while maintaining data privacy and integrity.
The impact of embracing Generative AI in the DoD environment is significant. It empowers the warfighter with advanced tools and capabilities, enabling them to make informed decisions, respond rapidly to evolving threats, and achieve mission success. By breaking barriers with Generative AI, the DoD can enhance its operational effectiveness, improve situational awareness, and ultimately ensure the safety and security of the nation.
Leveraging AI to augment our information forces gives us massive new capabilities. Adversaries know the same thing and are trying to do the same thing. A small amount of high-performance computing (HPC) in the right places will solve many problems of AI relating to deployment, engagement, and data ingestion in environments where data security and access controls are paramount.
Using AI in secure, reliable, resilient, rapidly updated ways will give us an edge. Relying on commercial cloud providers for all computing, R&D, and services for machine intelligence is a risky way to get that edge. Relying on commercial cloud for the foundations and using in-house HPC expertise and resources to deliver the last mile of machine intelligence will reduce risk and accelerate the adoption of secure, reliable, robust, and repeatable AI inside the enterprise.
Today’s warfighter is more connected than ever before to a streaming vector of actionable intelligence. Platforms, systems, and data – all traversing an ever-increasing number of endpoints. As we look to events around the world as leading examples of how the battleground continues to change, we are called to action to improve both the offensive and defensive digital capabilities of our military. To win, our priorities must clearly align to automating heterogeneous environments at a moment’s notice, delivering consolidated AI-infused digital experiences to each warfighter, and leverage Automation and AI to protect our digital advantage.
Scaling quantum computers will eventually break the digital security used in virtually all modern data networks. For decades, our adversaries have been collecting encrypted communications with the intention of decrypting and operationalizing it when larger quantum computers become available. This Cold War technique is known as “harvest now, decrypt later” (HNDL); it makes headlines today because quantum computers can break our existing algorithms by brute force. The transition to Post Quantum Cryptography (PQC) does not solve the HNDL problem because the new algorithms have no mathematical proof of hardness. As such, NIST advised developers to be “crypto-agile” and prepared to replace PQC at any time in the future.
For decades, implementation errors, weak encryption keys, poor randomness, corrupted software libraries and a variety of attacks resulted in the total exploitation of stored HNDL data. The issue is fundamental to the single-points-of-failure in public key infrastructure (PKI) which is based on a 1970s architecture predating the internet, cloud, virtualization, and containerization used in modern information systems. Qrypt leverages multiple quantum entropy hardware sources and distributed software algorithms to enable end-to-end-encryption (EE2E) with simultaneous key generation at any endpoint. This mechanism decouples the data from the decryption keys, eliminates key distribution and is unaffected by multiple weaknesses in the system, including the potential failure of the PQC algorithms and insider threats.
The modern warfighter will operate in converged PKI environments on 5G/6G networks, using autonomous systems, in smart cities, built on technology under adversarial control. Secure communications will need much higher levels of assurance than currently possible. Incremental improvements to classical techniques will be insufficient in the quantum era.
Kelly Dalton, AFRL
Jonathan Thompson, AFRL
This is an update to last year’s presentation regarding an effort to provide DoD funded, shared supercomputing to the acquisition engineering, research, development, and test & evaluation communities. Large scale supercomputers are funded by the DoD High Performance Computing Modernization Program for the purpose of providing no-cost computing to scientists and engineers working on DoD problems. Contractors can also access these resources under a DoD contract involving an RDT&E project. This unclassified/CUI presentation will provide information regarding current status and future plans by the Department of Defense to provide continued access to free supercomputing resources to government and contractors supporting special programs and/or SCI-related projects in the research, development, acquisition, and test & evaluation mission areas. Specifically, the large-scale computing resources provided by the DoD High Performance Computing Modernization Program (HPCMP) will be discussed as well as how to access these resources. The supercomputing systems undergo a recurring technical refresh funded by the DoD HPCMP. The individuals/organizations do not pay for compute time or storage on the DoD supercomputers as these are funded through the DoD HPC Modernization Program.
USG has prohibited acquisition of hardware from sanctioned entities and excluded those companies from doing business in the United States. But most program managers don’t realize that those same sanctioned entities and foreign adversaries actively develop, maintain and control software dependencies used by classified military programs. While these dependencies can theoretically be code-reviewed before approval, they’re almost never reviewed beyond a one-time check for viruses or known vulnerabilities – with little to no monitoring of upstream risks. And even if their source code is reviewed, there’s no chain of trust between repositories and published packages.
This talk will illustrate how Chinese and Russian developers are positioning in the upstream software supply chain, how that risk can be detected and how it can be managed in an automated way, at scale, in the absence of any known or detectable vulnerabilities in the code. Single-maintainer projects belonging to Russian government employees have been identified in federal APIs that handle highly sensitive data at high scale. The ecosystems in which adversarial entities are active include AI/ML used in defense, which was the subject of a year-long analytic project that Ion Channel (recently acquired by Exiger) executed for DTRA. The data backplane for identifying adversarial FOCI in upstream software dependencies has both defensive and offensive value in software-intensive programs and missions.
Kathleen Featheringham, Maximus
Michael Sieber, Maximus
Frank Reyes, Maximus
As the Defense Department (DoD) continues its cloud modernization journey with the Joint Warfighting Cloud Capability (JWCC) and other programs, managing sensitive data in the cloud is a top priority and cybersecurity challenge.
Emerging technologies such as artificial intelligence (AI) offer novel strategies to fortify cryptographic practices, enhance data encryption, and bolster cloud security.
Reaping the benefits of AI-powered cloud security requires good data practices and data governance as well as proper configuration management and modern encryption strategies to ensure data security.
This session aims to address common cloud security concerns and outline use cases for comprehensive cybersecurity and encryption practices powered by AI to properly manage sensitive data in the cloud.
Jack Gumtow, MetroStar
Cedric George, MetroStar
Joe Early, MetroStar
With decades of sensitive government documents requiring classification review, manual human intervention has been vital but cumbersome. While some technologies aid the process, none—to-date—reduce the cognitive load of a human reviewer. DeCypher (an AI solution) employs cutting-edge language models and classification guidebooks, delivering swift, explainable, and automated classification, markup, and redaction with the essential oversight of human expertise. This talk aims to discuss how we can embrace the future of secure and efficient document classification by diving into the game-changing innovation of AI and Large Language Models.
Yvette Jacks, DTIC
Christopher Hunt, DTIC
Matt Poe, DTIC
Aligned to OUSD(R&E), the Defense Technical Information Center (DTIC) is the DoD’s central S&T knowledge and analytics center. DTIC’s Deputy Administrator, Chief Data Officer and Chief Technology Officer will provide an overview of DTIC, some exciting AI and ML capabilities we are building out, the ROI of DTIC’s centralized capability, and how the DoD S&T community can engage and partner with DTIC. Attendees will also learn about DTIC’s digital modernization journey, experience implementing DevSecOps, and gain insights into DTIC’s pathfinder experience working with DoD CIO to achieve the Department’s second ever continuous authority to operate (cATO).
Rob Case, DON SAP CISO
An examination of the Risk Management Framework as a dynamic cybersecurity program featuring Cyber Hygiene, Cyber Readiness, and Continuous Compliance as prime disciplines. The end in mind is to finally mature beyond checklists and firefighting, develop locally relevant threat intelligence programs, prepare for continuous ATOs with fully developed ConMon programs, and generate feedback loops between the monitors and responders. This presentation explores the Risk Management Framework and JSIG control families as features of Cyber Hygiene (management of the authorized) and Cyber Readiness (management of the unauthorized) and encourages RMF practitioners to go beyond the ATO. The concept of outprocessing the checklist is encapsulated in a change of mindset; completing a task is not compliance and compliance is not security. Narrative-based bodies of evidence authored and informed by ISSOs are insufficient. Cybersecurity practitioners must seek system-based artifacts as their proof of configuration and ISSOs must be informed by the system.
Chad Steed, ORNL
Visual analytics is a viable approach for enabling human-machine collaboration in today’s most challenging data analysis scenarios. While the increasing volume and complexity of modern data sets severely limits the viability of purely manual, human-centered strategies, most data analysis tasks are inherently exploratory (meaning the user doesn’t know all the questions they may ask of the data beforehand) and require interactive query capabilities. Visual analytics solutions that balance human and machine strengths are ideal, but achieving such a balance is not trivial. It requires judicious orchestration of human strengths, namely creativity, intuition, visual perception, and cognition, with the computational power of machines and the automated algorithms that run on them. In this talk, I will discuss modern data analysis challenges and how visual analytics tools can help solve them. To illustrate these ideas, several visual analytics systems will be described with an emphasis on the integration of human interaction, data visualization, and algorithmic guidance into flexible tools. I will also highlight the application of these tools to real-world applications in explainable AI, sensitivity analysis, multivariate analysis, and text mining. I will conclude with an overview of active and future visual analytics work.
Caleb Snow, WWT
Kimberly Haines, WWT
AIDN leverages state-of-the-art machine learning and artificial intelligence algorithms to detect and respond to even the most advanced and elusive threats. It identifies malicious activities in real-time, minimizing the potential impact of attacks. Through continuous monitoring through AIDN, your organization enjoys 24/7 monitoring of your digital infrastructure. AIDN provides immediate alerts and proactive threat remediation to prevent breaches before they occur.
Through our User-Friendly Interface, our intuitive, user-friendly dashboard simplifies the complexities of cybersecurity management. It offers real-time insights into your network’s security posture, allowing for informed decision-making. AIDN is designed to grow with your organization. AIDNs threat intelligence integrates threat intelligence feeds from multiple sources, ensuring you stay ahead of emerging threats. This knowledge helps AIDN adapt its defenses and protect your organization from new attack vectors.
Mohammad Raza, Green Lambda
Network infrastructure has to allow the administrators to understand, see, and monitor exactly where threats can enter the network. Add to this, intrusion detection, the ability for intrusion prevention and you have a network ready for government level security.
Kenny Bowen, Microsoft
Rebeka Melber, Microsoft
Historically, the DoD SAP Community has faced a glaring challenge – one of disconnection. Over the past decade, a remarkable transformation has taken place. Thanks to a roll out of enterprise-level SAP capabilities over the past decade, connectivity has surged to unprecedented levels. These advancements have become the backbone of an entirely new era, opening doors to a consolidated stream of data that is poised to reshape the landscape of national defense. The proliferation of Cloud Service Providers (CSPs) authorized for SAP data further signals the dawning of this transformative era. In the midst of this technological evolution, it’s crucial not to overlook the basics. While the buzzwords of Artificial Intelligence and Machine Learning are reshaping our technological landscape, the foundation for these innovations must be steadfastly established. Our success hinges on getting the fundamentals right, ensuring that the most fundamental functions are in place. Collaboration emerges as the cornerstone that will pave the way towards a truly robust and effective national defense strategy. This talk will delve into the narratives of the past, the dynamic landscape of the present, and the exciting potential of the future. It encompasses communication between Defense Industrial Base (DIB) and Government, Enterprise and Mission Users, and General and Privileged Users. As we stand on the precipice of unparalleled technological advancements, it is our responsibility to steer this transformation with clarity, unity, and a shared vision. Through collaboration and convergence, we shall not only bridge past disconnects but also construct a foundation for a stronger, safer, and more technologically empowered future.
John Loucaides, Eclypsium
Not a month goes by without another deep vulnerability in CPUs, memory, BIOS, BMCs, or some other component buried inside nearly every piece of IT equipment. While these issues sound serious, the very premise of these components is to abstract away hardware details. With adversaries known to be exploiting these bugs, how can we assess vulnerabilities not mitigated by traditional endpoint security solutions?
In this talk, John will explore some of the technical issues related to cyber security of the supply chain. He will explain the most common issues, how to check for them, and how to avoid being taken by surprise. Having personally been involved in research into and coordinated disclosure of serious platform-level vulnerabilities, John will speak from personal experience (both within USG and outside) to suggest practical solutions involving both open source and commercial tools to help with this evolving problem. After discussing issues that affect firmware updates, end of life, component vulnerability scanning, integrity checks, and sanitization/destruction, attendees will discover that even though perfection is impossible, all is not lost.
Andrew “AJ” Forysiak, Varonis
Chad Mason, Varonis
The United States faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public, private sector, and ultimately, the American people’s security and privacy. By implementing Zero Trust (ZT) across all agency systems, the U.S. government seeks to protect high-value assets, but without first building a solid foundation, any zero-trust architecture will be largely ineffective and unwieldy. Agencies must now strive to provide best-in-class zero trust-based security while satisfying compliance requirements such as EO 14028, DOE O 471.1, and OMB 22-09. Zero Trust represents a paradigm shift in how we think about protecting our assets and requires a multi-phased process to deploy successfully.
David Metcalf, UCF
AI, Blockchain, and Cybersecurity (ABC) advances are reshaping the enterprise solutions that support the warfighter. This session provides a survey to explore use cases under development at University of Central Florida’s Institute for Simulation and Training including the ARO sponsored Blockchain and Quantum Defense Simulator for multi-protocol prototyping, modeling, and testing, Army TRACRChain Blockchain for automated range data from TRACR2, and Navy Project AI Avenger analysis of AI media scrubbing tools. A review of design, standards, early results, and scalability opportunities and issues will be shared. Synergy with other projects and next steps in ABC solutions to meet emerging requirements for cross-warfighter solutions will be presented. Tangible examples include a digital twin prototype to combine operational readiness and trusted career-spanning data from recruit to retire and a quantum computing cyber awareness and AI Assurance simulation platform. Using platforms like digital twins, quantum-as-a-service, large language models-as-a-service, and advanced simulations allow Commands to explore specialized use case, protocols, standards, and scalability before committing vital resources – leveraging modeling, simulation and analysis techniques such as NSF ICorps and Hacking for Defense. Concluding remarks include discussion of methods of collaboration between military, industry, and academia to leverage public university research and other nonprofit entities.
Caden Bradbury, NetApp
AI models are only effective if they can be utilized in the most extreme tactic edge scenarios. (Think: in the back of a Humvee, on a Naval Ship, in a remotely operated drone, etc.) While the training of accurate models is vital, the biggest challenge in these edge environments is moving data and models to and from the tactical edge to core data center.
Models must be continuously improved to be used effectively. They must perform at the highest level possible for the DoD. This is especially true in life-or-death scenarios, like automated target acquisition models. To optimize models, new data must be continuously fed to the algorithm.
Gentry Lane, ANOVA Intelligence
We’re looking for more DAOs to participate in a JFHQ-DODIN sponsored pilot. Nemesis is a novel computational software platform that addresses current capability gaps required to sustain deterrence in the cyber domain. By leveraging new discoveries AI/ML/DL, Nemesis functions as a global, interoperable, standardized cybersecurity software platform for early detection, rapid attribution, secure intelligence sharing, and global situational awareness of advanced persistent threat activity in DoDIN endpoints. Nemesis R&D was funded by DHS & DoE at Oak Ridge National Laboratory.
In order to face the challenges posed by great power competition in the digital age, the Defense Intelligence Enterprise (DIE) must adapt its mindset and approach by embracing digital transformation. The DIE must accelerate digital transformation efforts to efficiently and effectively share data, information, and intelligence among Military Services, Defense Agencies, and Combatant Commands. A critical enabler of digital transformation is a seamless digital foundation. The Digital Foundation includes the services comprising the digital substructure that enables rapid deployment, scaling, testing, and optimization of intelligence software as an enduring capability. A digital foundation will achieve a simplified, synchronized, and integrated multi-cloud environment that can adopt innovation at scale and promote good cloud hygiene. The delivery of a Digital Foundation ensures DIE data, architecture, and infrastructure are integrated and ready to enable: Joint Warfighting Concepts, Innovation at Scale, AI, Augmentation, and Automation, and Zero Trust.
As the agency has begun its journey to transitioning to Zero Trust, we have been meeting with industry partners to discuss best practices in order to support the objectives identified in National Security Memorandum 8; Improving the Cybersecurity of National Security, Department of Defense, and Intelligence Community Systems. We have initiated a prototype effort exploring innovation opportunities in order to enhance core service offerings contributing to the Zero Trust journey. This brief will highlight areas we are collaborating with community and industry partners to adapt our environments to be positioned for supporting future mission requirements with a secure data-centric enterprise.
Defense Counterintelligence and Security Agency (DCSA) is collaborating across the Defense/Intelligence Communities to advance application of artificial intelligence (Ai), to thwart the rapid pace of threats posed by our adversaries. This presentation will show our efforts on the structuring of data and consolidation of unique Ai and cloud tools, and enterprise cross domain services to manage cost, mitigate risk, and increase mission effectiveness.
The ability to access data necessary to make battlefield decisions at the speed of relevance is critical to the Nation’s defense and tactical advantage. The Common Data Fabric (CDF) fast data broker is an evolution in data sharing across silos, organizational and mission boundaries making data available to any consumer machine that can enforce data policy. The CDF is a cloud-based commercial software data brokering capability that functions anywhere a connection can be established and easily integrates with existing and legacy architectures to make data available to U.S., Joint Taskforce Warfighters, US Allies and Mission Partners. CDF is deployed by the Defense Intelligence Agency (DIA) and is a foundational pillar of the data sharing vision of the Secretary of Defense as we transform the digital ecosystem towards an Enterprise Construct.
CIO has applied Service Delivery Modernization to improve the customer experience. We have implemented large efforts to stand up In Person Service Centers, integrated Live Chat on the desktop, ensured our Knowledge Articles and IT Equipment Catalog are 508 compliant, Service Central automated workflows, @CIOTechTips, and small initiatives to improve IT training/lab sessions for our new officers, and play jazz music for our listeners as they wait for a technician to answer their questions. This presentation will be an opportunity to share the advanced services that have been implemented, share our journey map, and to hear from our customers in a question and answer session about what improvements they would like to see. We’ll introduce the 13 December 2021 Executive Order on Transforming Federal Customer Experience and Service to Rebuild Trust in the Government and time permitting, explore self-help options that are available (Self-service-password-reset, go words, cross domain dialing, extension mobility, virtual desktops, etc.)
In 2018, there were more than 31,000 cybersecurity incidents affecting government agencies. In 2019, the U.S. government accounted for 5.6 percent of data breaches and 2.1 percent of all exposed records. It is imperative the US Government secures citizens’ information and federal agencies must continue to deliver services, regardless of cyber-attacks seeking disruption of those services. Fortunately, significant strides have been made to ensure just that. The Biden Administration’s budget request includes roughly $10.9 billion for civilian cybersecurity-related activities, which represents an 11% increase compared to 2022. To date, over a billion dollars has been awarded through NITAAC for cybersecurity solutions including training and awareness programs, professional and technical support services, and IT modernization for the Department of Defense, Department of Veterans Affairs, Department of Agriculture, Department of Justice, and more. In fact, all aspects of cybersecurity products, services, and commoditized services are readily available under the three Best in Class GWACs that NITAAC administers: CIO-SP3, CIO-SP3 Small Business, and CIO-CS. NITAAC’s federal customers can quickly obtain cybersecurity solutions without the tedious processes under FAR Part 15; instead using FAR Part 16.5 to issue task and delivery orders quickly and easily for mission requirements. Customers also have access to NITAAC’s secure electronic government ordering system (e-GOS) to further streamline competition, management, and award. During this session, NITAAC Deputy Director Ricky Clark will provide an overview of the NITAAC GWACs and discuss how as the U.S. government continues to roll out mandatory cybersecurity standards for government agencies, NITAAC can help agency partners raise the bar for cybersecurity beyond the first line of defense.
Starting in FY23, the National Ground Intelligence Center (NGIC) must rapidly respond to exponential growth in Modeling and Simulation (M&S) requirements. As a key initiative nested in its Modernization Strategy, the NGIC is shifting its reliance from on-premises infrastructure to focusing on mission solutions using cloud services to anticipate, adapt, and respond to fluctuating mission demands. This briefing will describe the Army Military Intelligence (MI) Cloud Computing Service Provider (AC2SP) M&S environment as the scalable solution to meet these mission requirements for the Army Intelligence and Security Enterprise (AISE) across three operational networks.
Present DIA’s current Identity Credential and Access Management modernization effort and ask for industry best practices for the future of the field. Present how well we are doing and describe our journey.
The DIA Platform-as-a-Service (DPaaS) is an enterprise container management platform enabling application developers to build to a single standard that provides advanced and commonly used technical enterprise services necessary to decrease development time while achieving strategic competition goals.
DPaaS enhances a developer’s ability to focus on functionality, enabling mission applications to be rapidly prototyped and move at the speed of mission by reducing technical overhead.
This functionality coupled with DevSecOps and the Capability Delivery Pipeline (CDP) enables applications to be developed and deployed securely, quickly, and easily no matter the location or infrastructure, freeing up development teams from tedious and complicated deployments.
The DoD and the US more generally is increasingly dependent on commercial products that provide crucial elements of our cybersecurity. Located in NSA’s Cybersecurity Collaboration Center (CCC), Standards and Certifications plays a significant role in shaping the marketplace for these products across the lifecycle of development. Through its leadership in standards bodies (ensuring that critical security requirements are built into the standards that commercial products implement) and its leadership of the National Information Assurance Partnership (which sets the testing requirements for commercial products that will protect classified information and systems), Standards and Certifications establishes a baseline that products will be built to and tested against. The placement of Standards and Certifications in the CCC enables it to bring to bear relationships with Defense Industrial Base companies as well as NSA’s enormous capacity for threat intelligence to inform and strengthen the standards and certifications mission. This talk will provide the audience with an overview of NSA’s standards and certifications programs, give examples of how the programs raise the level of security in commercial products that protect DoD systems and describe how our DoD customers can help us by providing concrete requirements that strengthen our bargaining position in standards development organizations.
This panel will consist of experts from DIA’s Academy for Defense Intelligence and industry to discuss how extended reality technologies (augmented reality, virtual reality, etc.) can impact the workforce by enhancing everything from training to daily operations. Bring your curiosity, questions, and vision for the future as we examine the art of the possible!
Develop Network Infrastructure More Rapidly, and Operate It More Securely and Effectively.
Using model-driven DevOps and the Infrastructure as Code (IaC) paradigm, teams can develop and operate network infrastructure more quickly, consistently, and securely–growing agility, getting to market sooner, and delivering more value. This is a pragmatic talk about implementing model-driven
DevOps for infrastructure. It contains insight in to lessons learned and illuminates key differences between DevOps for infrastructure and conventional application-based DevOps.
Whether you are a network or cybersecurity engineer, architect, manager, or leader, this talk will help you suffuse all your network operations with greater efficiency, security, responsiveness, and resilience.
This session will describe how to leverage graph database technology to enhance analysts’ ability to fuse together and interact with extensive volumes of data from disparate intelligence feeds, both controlled/protected and publicly available/open source. These disruptive graph-based views can be integrated into most existing analysis platforms, extending and providing more immersive views and experiences with data and the ability to extract meaningful and actionable insights as data volumes increase in size and complexity.
Through these new graph database views, analysts interact with data represented by nodes and edges. This flexible data architecture allows for rapid filtering of data layers, producing a truly immersive environment filled with color, highlighting, line thickness, borders, icons, badges, and more, allowing the analyst to fully leverage graph database node and edge methodology. These visual cues help the analyst to find and link critical pieces of data together, providing highly reliable information that the analyst uses to see data more clearly, make more accurate predictions, and be confident in their decision-making.
Join the DIA Chief Information Officer, Mr. Doug Cossa, as he moderates a discussion on the future of CIO considering the ever-evolving landscape of Information Technology. Panel members will feature junior civilian personnel across DIA CIO—the forces on the ground implementing DIA CIO’s key initiatives and riding the waves of the latest technological advancements. Through this session, attendees will gain a better understanding of DIA CIO’s current successes and challenges from the action officer viewpoint. Further, attendees will gain insight into how the Intelligence Community and Department of Defense must continue to evolve to enable mission.
The IC treats data and software as strategic assets. The IC transcends strategic competitors through innovation, adaptation, and collaboration by facilitating a shared environment for software modernization. We set the foundation for success via common software environments, which provides a mature, versatile DevSecOps environment for internal and external teams. This game-changing tool suite and associated approach provides the fastest way to deliver mission-specific software — independent of the underlying data and infrastructure. It enables teams to have quick delivery to operations, security early on, and the benefit of code sharing and reuse. This presentation will provide an overview of that ecosystem and will focus on how:
Internal and external DoD and IC teams are provided with:
How to onboard:
This panel will provide insights from DIA’s Chief Financial Office, Future Capabilities and Innovation, and the DIA representative to InQTel on how DIA is working to leverage contractual vehicles to best support the adoption, purchase, and curation of innovative solutions and emerging technologies needed to address enterprise challenges. Come with your questions and notebooks to learn more about these unique partnership opportunities in the critical emerging technology and innovation spaces!
The ongoing strategic power competition along with the adversarial implementation of innovative technology, such as Artificial intelligence (AI), has emphasized the need for increased awareness and strategic warning in nearly every warfighting domain. Increased use of this technology provides a unique challenge and strategic avenue for the U.S. Intelligence Community and its partners as they seek to maintain their competitive edge in the era of near-peer adversary competition.
This research project addresses Edge AI technology affecting the U.S. strategic defense posture in the Space Domain. The use of this dynamic technology in one of the most influential and uncharted mission spaces lends an insightful discussion on the cascading effects of AI advancement. This project has the potential to lend itself to further engagement with the private sector, as well as future substantive research projects.
To address our methodology, we will divide this research into a discussion on the existing technologies that would be impacted given the event of a flash war in space. Discussion on the interconnectivity and vulnerabilities of these systems, the way Edge AI would be able to potentially augment or damage the intended functionality of these systems, as well as the legal ramifications for the use of edge AI in the space domain. It would include communications satellites, GEOINT constellations, ground nodes, and cloud data storage.
It is important to note that though policy capabilities and funding specific to each military branch are important considerations regarding AI employment within the Joint All Domain Command and Control (JADC2) architecture, expanding these topics in detail would extend beyond the scope of our project.
As the enterprise modernizes the CIP/COP, it does so on the classified domains. As an alternative, EDA is a secure, virtual environment on the UNCLASSIFIED domain where SOUTHCOM, interagency, and allied/foreign partners can collaborate and share information on security challenges affecting the SOUTHCOM AOR – strategic competition, IUUF, migration, illegal mining, etc. The program ingests and standardizes multiple datasets (PAI, CAI, academia, non-traditional partners, etc.) for participants to exploit and develop their own intelligence. The shared environment also enables the creation of Communities of Interest (COI) for further collaboration between entities. EDA is resonating amongst the OUSD I&S, OASD R&E, JADC2, JS J28, Cogent Way, Thunderstorm, and other programs/organizations as the future enterprise prototype solution for information sharing and knowledge graph capabilities.
In partnership through the Desktop Environment (DTE) Integrated Program Office, DIA CIO is collaborating to extend components of its TS/SCI Common Operating Environment (COE) domain as a service offering. The CIO StoreFront concept will meet current and emerging requirements centered on deliberate, efficient and repeatable processes for an unmatched customer experience.
This session will describe and clarify DIA’s Cyber strategy aligning our priorities with the DIA Director and CIO.
Topics of discussion/clarification will include our alignment and way forward pertaining to the National Security Manager (NSM-8) and the Cyber Executive Order 14028 improving the Nation’s Cybersecurity. 1. Modification of Cyber Security Tools 2. Risk Management Framework (RMF) 3. Zero Trust, 4. Agile DevSecOps pipeline 5. Information System Security Manager (ISSM) and Continuous Monitoring.
For a number of years, strategic competitors have exploited and subverted vulnerabilities in the DoD/IC supply chain. These adversarial efforts, which includes stealing U.S. intellectual property, results in decreased confidence in securing critical solutions, services and products delivered to the DoD. Contractor facilities supporting hardware/software design, development, and integration are frequently targeted as cyber pathways to access, steal, alter, or destroy system functionality. Since malfeasant activities can compromise government programs or fielded systems, DIA continues to evaluate and implement efforts to harden its supply chain commensurate with the risk to national security. Within DIA’s implementation of the Risk Management Framework, DIA has aligned cyber supply chain risk management with the acquisition process and engineering strategies. These efforts enable DIA to create a framework for cybersecurity due diligence – influencing the Intelligence Advantage.
This session will describe and clarify DIA’s implementation of the DoD/IC supply chain risk management program. Specifically, the briefers will discuss how Cyber supply chain risk management has been integrated within cybersecurity, engineering, and DIA’s acquisition strategy. Both internal and external customers will also obtain knowledge of: (1) How to obtain DIA’s SCRM Services, and (2) best practices to actively and pre-emptively address supply chain threats.
While detailed information would normally be provided on a need-to-know basis at classified levels, our session will not cover any details that would expose classified information. Since this conference is unclassified, we are only going to speak to large trends, concepts, and generic activities. There will not be any details provided to attendees about any particular agency’s status, and we will not be discussing vulnerabilities that could be exploited by adversaries.
The convergence of new networking paradigms including 5G cellular and satellite constellations with global coverage provides novel opportunities for defense innovation, leveraging commercial technologies for failsafe communications and collaboration. Overlay technologies such as SD-WAN enable adaptive, highly available networks to be established on-demand for strategic advantage, securely connecting over any available paths. These capabilities transcend traditional architectures, delivering continuous transmission for mission-critical applications and real-time decision-making, benefitting connected devices and command and control alike.
Service mesh can play an important role providing a zero-trust networking foundation, however, it also poses a few operational and security challenges. First, in current implementations, a service mesh is opt-in by deploying a sidecar process with the secured resource. Second, tying infrastructure components into application deployments makes it more difficult to patch and upgrade when vulnerabilities are discovered. Lastly, current service mesh implementations can be difficult to extend to existing workloads. In this talk, we dive into an “ambient” service mesh that runs without sidecars and addresses these previous issues without trading off zero-trust properties.
The Public Sector must deliver on ever-expanding missions while battling against siloed legacy applications and vast, untold volumes of information. This session will explore how Defense Logistics Agency, a 26,000-person combat support agency for the U.S. Department of Defense, has treated AI-powered content management as a strategic tool to save time and energy to supply the warfighter. Learn how DLA has gained an information advantage in supplying the U.S. military with its equipment needs.
Topics covered will include military moves, supply chain and audit readiness, content services, intelligent capture, password complexities, and unstructured content.
Enabling classified communications and situational awareness can be difficult and expensive for deployed, remote, collaborative, and contingency use cases.
Following guidelines from NSA’s Commercial Solutions for Classified (CSfC) program can overcome many challenges associated with legacy systems for classified communications and can help organizations benefit from the fast pace of commercial innovation in mobile devices.
Using CSfC, organizations have options for enabling executive mobility and remote work (e.g., using laptops and smartphones), site-to-site extensions of classified networks (e.g., for remote tactical teams, branch offices, home offices, or multi-building campuses), and classified campus-area Wi-Fi networks.
This session covers how to design and deploy systems conformant to the CSfC program and illustrates specific real-world examples of systems in use today for federal enterprise and tactical use cases. This session also covers emerging technologies and solutions that address the newly updated CSfC requirements such as continuous monitoring, as well as complexity challenges inherent in these solutions.
NMEC will provide an overview of their approach and capabilities to process and enrich large volumes of data to enable effective search, discovery, and correlation across large unstructured data sets while overcoming the unique challenge of being separated from enterprise networks and tools. NMEC will also share their approach to utilizing data science capability to derive maximum value from data in order to address high priority intelligence requirements.
The session will provide insight into the Intelligence Community’s IT and mission needs. Industry attendees will learn how to utilize the Joint Architecture Reference Model (JARM) to address requirements on IC elements acquisitions. IC attendees will learn how to align priorities into mission resource needs across the Doctrine, Organization, Training, Materiel, Leadership and Education, Personnel, Facilities, and Policy (DOTMLPF-P) moving down from their strategy to define capabilities and their enabling technical services. The session will demonstrate how the JARM can be utilized to make invest/divest decisions, develop IC Service Provider catalogs, and discover IC services. JARM supported capability gap analysis will also be demonstrated by using heat maps to align investment to capability and service needs. DoD attendees will learn how to define their architecture to integrate with the IC.
The US Army National Ground Intelligence Center (NGIC) is exercising a portfolio-based approach to transition its mission capabilities to the cloud through rationalization, integration, and modernization. A key strategic focus is human capital and talent management that holistically invests in its workforce shifting from declining IT responsibilities to focus on emerging skills and disciplines such as cloud computing, data engineering and modern application development. This briefing will describe the human capital and talent management strategy and implementation plan to drive operational readiness of its IT workforce to meet the current and future demands of the NGIC mission. This will also include a demonstration of the tooling used to visualize the IT workforce’s skills and disciplines mapped to mission needs and capacity.
The space domain requires analysis in four dimensions (x, y, z, t). Unlike the other warfighting domains, space planning, wargaming, and decision making must be done using tools capable of multi-dimensional visualization and simulation of near-Earth orbits (e.g., Analytical Graphics/Ansys Incorporated Systems Tool Kit, or STK). Such tools have proliferated over the last decade across a vast array of government and non-government space users. Much like the Microsoft Office 365 suite of productivity tools, or Adobe’s Acrobat/Creative Suite, Systems Tool Kit has become the modeling and simulation software of choice for those involved in the national security space arena. In the area of orbital warfare training specifically, STK is used an instructional aid to make tangible the realities of space flight, systems engineering, astrodynamics, and orbit propagation. Organizations like the US Space Force’s National Security Space Institute, US Space Command, rely on STK to perform computations and analyses to inform real-world decision making during critical moments of space launch, orbit maneuver determination, and other activities in space. In this regard, modeling and simulation technologies for the space domain have become as ubiquitous as Microsoft-type productivity software deployed on a standard desktop configuration. Therefore, STK or other software tools like it, must be treated as a productivity tool and not as a special-use case to be found in a high-performance computational center or battle lab. Licensing arrangements, deployable efficiency, and proliferation must continue to be made advantageous to the average space user.
The National Ground Intelligence Center (NGIC) is exercising a portfolio-based approach to transition its mission capabilities to the cloud through rationalization, integration, and modernization. A key strategic focus is the holistic transition of NGIC’s portfolio from application “data silos” to a data-centric architecture with supporting services to align to its modernization goals, increase operational efficiencies, and adapt to customer requirements. This briefing will describe the NGIC team’s target architecture, cloud-based solutions, enhanced processes, approach, and lessons learned.
The Defense Intelligence Agency is developing the Machine-assisted Analytic Rapid-repository System (MARS) to transform the management and production of intelligence on foreign military capabilities. This briefing will provide an update on MARS’s journey to initial operating capability, status of interoperability efforts and how they enable JADC2, and plans for edge implementation of MARS.
As part of NGA’s greater multi-tier Edge Strategy, the JREN is being deployed to Combatant Commands. This highly scalable capability is designed to position significant storage, compute, transport bandwidth, and applications closer to the Tactical edge. JREN will support expanding Department of Defense, Intelligence Community and Coalition customer requirements with content specific to their area of operations, GEOINT/partner applications and high-performance compute. Design considerations include: increased resiliency in Denied, Degraded, Intermittent, Limited (DDIL) communications environments via direct satellite downlink, reduced transport latency, and the use of the NGA CORE software development method to develop, deploy, and sustain modern GEOINT software. All designed to facilitate the movement of critical intelligence and data sharing.
Deployment has started at USINDOPACOM with additional COCOMs receiving delivery in the upcoming outyears.
With more than 15% of the world’s population experiencing some form of disability, DIA understands accessibility is more than an adherence to Section 508 standards. It’s about inclusive design – developing digital solutions to meet a broad spectrum of intersectional needs, perspectives, and behaviors, rather than solely creating accommodations for specific disabilities. This presentation will describe resourceful ways DIA is expanding its IT accessibility expertise across the Enterprise and how to utilize collaborations with Industry to develop innovative solutions like a speech recognition application for its Deaf and Hard of Hearing community. This presentation will share DIA’s plan to integrate accessibility and inclusivity into its software development lifecycle rather than adding it on as an afterthought.
The IC Security Coordination Center (SCC) is the Federal Cybersecurity Center for the IC and coordinates the integrated defense of the IC Information Environment (IC IE) with IC elements, DoD, and other U.S. Government departments and agencies. Working with the other defense-oriented Federal Cyber Centers—the Joint Force Headquarters (JFHQ) Department of Defense Intranet Information Network (DoDIIN) and the Cybersecurity and Infrastructure Security Agency (CISA)—the IC SCC facilitates accelerated detection and mitigation of security threats and vulnerabilities across the IC by providing situational awareness and incident case management within the shared IT environment.
In FY ’23 the IC SCC is enabling a better IC cyber defense posture through the procurement of IC-wide enterprise licenses of commercial Cyber Threat Intelligence from multiple vendors, an Endpoint Detection and Response (EDR) pilot program for IC-wide adoption, and an enhanced patch repository for prioritizing patch management and driving down shared risk across the enterprise. Join us as we detail these initiatives and how they can help secure your environment!
The session will provide an opportunity to hear from Chief Architects from NRO, NSA, NGA, DHS Coast Guard, DNI, and DoD. The panel will be hosted by the Intelligence Community Chief Information Office (IC CIO), Architecture and Integration Group (AIG). The panelists will respond to questions on how they are shaping their agency’s technology roadmap and how they coordinate and drive mission integration within their element and across the IC and DoD. Attendees will gain understanding of programs and initiatives across the IC that are modernizing systems that support the intelligence lifecycle and improve integration. The panel will leave the attendees with a better understanding of the role of the Chief Architect within each represented organization.
At DoDIIS 2021, the Army Military Intelligence (MI) Cloud Computing Service Provider (AC2SP) briefed the mission outcomes realized by leveraging its cloud-based Data Science Environment (DSE) to rapidly respond to a mission requirement in less than two weeks from problem to solution. This briefing will build upon the prior successes and describe the AC2SP Data Science Product Line to include its core product offerings and underlying cloud services supporting Artificial Intelligence and Machine Learning (AIML) to enable multi-tenancy and respond to the variability in data science requirements across the Army Intelligence and Security Enterprise and multiple operational networks.
We hear that promoting and maintaining a healthy work environment is important. Cyber and physical security threats from trusted insiders are on the rise and there is evidence that what happens in the workplace impacts motivation for and mitigation of possible attacks. This interactive presentation introduces research and case studies to highlight the complex role the work environment and the resulting work culture play in deterring and mitigating risks that can lead to attacks that harm national security and result in loss or degradation of vital resources and capabilities. The presentation includes promising practices for those who want to improve their respective work environments and reminders for those already doing the work. The topic offers an opportunity to engage, reflect and specific examples of ways to innovate, adapt and collaborate to improve and protect work settings that are increasingly targeted by our adversaries.
Technological innovation is disrupting societies with serious implications for the era of Strategic Competition. AI is rapidly emerging as a powerful technology with the ability to illuminate tactical and strategic advantages against our competitors. Federal mandates, such as the National Security Commission on Artificial Intelligence’s mandate that all Intelligence Community (IC) and Department of Defense (DoD) entities be AI-Ready by 2025, reinforce the urgency and imperative of leveraging AI.
In response to this mandate, DIA’s Chief Technology Office (CTO) was named as the office of primary responsibility for DIA Strategy Line of Effort (LOE) 2.9 – AI Readiness, outlining how the Agency can reach AI readiness, AI competitiveness, and AI maturity. The purpose of LOE 2.9 Is to transform culture and capabilities, creating an AI ready workforce that enables DIA officers and organizations to innovate, incorporate and advance AI throughout Agency missions and processes to meet the demands of Strategic Competition and obtain data driven dominance. CTO is collaborating with partners across industry, academia, IC, DoD, and Five Eye (FVEY) to create a strategy that will ensure we meet this purpose.
Learn about the DIA AI Strategy goals and objectives and the key pillars for transforming DIA into an AI Ready organization.
The DIA Data Hub’s (DDH) objective is to offer an Agency data platform that ensures easy discovery of and secure, automated access to DIA data assets. The DDH concept will modernize the DIA’s data handling, storage, and delivery by using best-of-breed technology and treating data as an enterprise-wide asset. DDH will both provide a place for new data to reside, as well as free existing data from process and technologically driven silos. By treating data as an enterprise-wide asset, it will give mission and business analysts the full range of information necessary to provide insights to stakeholders ranging from the warfighter all the way to congress. DDH’s strategy is to meet customers where they are, enabling customers to keep data and services where they need it. This capability will allow data scientists to comingle data to derive new insights, and let developers quickly build applications by leveraging DDH as their data store. When data is treated as an asset, it opens the door to new efficiencies, insights, and capabilities. By providing all DIA users the data they need, DDH creates a foundational capability that will be key to maintaining a strategic and competitive advantage over our adversaries.
Discussion of the transformative digital infrastructure services and platforms being matured by the Air Force Intel Community in support of ISR and broader DAF. The Air Force Intelligence Community’s Digital Infrastructure leverages IC cloud capabilities, integrating them across the enterprise, from transport to analytic tools, to provide an agile, resilient and scalable information environment at unclassified, secret and top-secret SCI levels, to enable transformation today, toward the future we need.
The Transport Services Directorate Senior Technologist at the Defense Information Systems Agency (DISA) provides a strategic outlay of future enabling technologies, initiatives and capabilities that will deliver the next generation of global resilient communications capabilities to the warfighter. He will provide a strategic roadmap on the DISN core global transport evolution – from the barriers, to modernization areas, and information sharing approaches – to deliver a no-fail long haul transport architecture for DoD, Intelligence Community, US and Allied Government capabilities. Additional discussion on the need for joint mission integration to ensure the operational status of the underlying environments can be seamlessly integrated with the different domain owners, such as DIA, to assure end-to-end mission delivery and performance.
Understanding Artificial Intelligence in IT Operations (AIOps) can be a daunting task given the various definitions of the term. IT Operations teams are seeking the advantages of Machine Learning (ML) and Artificial Intelligence (AI) to unlock better decision-making and to drive automation and self-healing to support mission essential applications. AIOps is not a single product, rather a journey where key components intersect and leverage machine intelligence and speed to drive outcomes. Join Lee Koepping from ScienceLogic as he de-constructs the essential elements of AIOps and how context driven observability and automated workflows can accelerate mission results to optimize IT service delivery.
For years, operations squadrons across the globe used whiteboards and printed crew binders to execute global missions. A handful of aircrew members teamed up with Platform One to revolutionize the way crew management and distributed operations are done using a commercial-off-the-shelf (COTS) solution hardened and hosted on government servers. We discovered a fast and secure way to pass mission data from operations centers to crew members enhancing safety and mission velocity. This collaborative command and control flow enabled the early recognition of issues allowing us to maximize crew effectiveness on the road. The team used a Small Business Innovation Research (SBIR) grant to work with Mattermost to make defense enhancements focused on Air Operations Center workflows and needs. We realized that these types of collaborative capabilities allowed us to build a shared reality outside of our silos and solve issues before they occurred. This capability was demonstrated during the Kabul evac where stage managers took full advantage of the ability to self-organize and collaborate during the Kabul evac enabling the largest Noncombatant Evacuation Operations (NEO) in U.S. history. This talk gives an in-depth look at how innovation and technology laid the ground work for success.
This talk will present an overview of DNS cyber attacks over the past several years by Advanced Persistent Threats (APTs) and how the types of attacks and mitigations have evolved over time. It will discuss why DNS continues to be a commonly used vector for adversaries and how cyber defenders can innovative to strategically defend against the most sophisticated APT using complex DNS techniques for malicious activity.
As strategic competitors continue to adopt AI as a disruptive technology used to advance warfighting and intelligence gathering capabilities, it is imperative that the defense community come together to develop solutions for leveraging human-machine teaming to achieve decision advantage and dominate our strategic competitors. This panel will address how the Intelligence Community (IC) and Department of Defense (DoD) utilizes AI to continue to revolutionize the way we maintain strategic and tactical advantage in an era of Strategic Competition. Attendees will hear from AI experts spearheading efforts within their agencies to adopt AI as a means to outpace our strategic competitors and ultimately prevent and decisively win wars. Agencies include: the National Security Agency, the Central Intelligence Agency, and the Chief Digital and Artificial Intelligence Office. This panel will be moderated by DIA’s Chief Technology Officer and AI Champion.
Many compliance officers inherit the negative reputation of, “wearing the black hat,” generating fear of involving them early and often in discussing current architecture, planning new infrastructure, or establishing programs. Strategic competition requires compliance officers and programs to participate early in the planning processes to streamline development and thereby ensure a reduction in incidents. Compliance officers must pursue opportunities to evolve their reputation and work with innovation leaders in a collaborative relationship that shifts outcomes to the benefit of the community, government, foreign partners, and taxpayers.
In this environment teeming with data, it is impossible for individuals to review all information available. This increases the difficulty of ensuring effective compliance measures and unhampered sharing across the enterprise. Missed information leads to missed opportunities. Secure and compliant machine analytics can alleviate these gaps by automating production cycles in circumstances where specific, templated parameters exist.
Engineering teams struggle to, “keep the lights on,” while updating architecture, ingesting more data, and attempting to plan for the future. On top of this mountain, it is also necessary to secure the enterprise, secure the network, and manage all of the data without running into oversight issues. Collaboratively seeking to overcome these hurdles and roadblocks while providing customers with the best services and products will benefit every program manager and leader in the defense enterprise. Analyzing and correcting pitfalls will ensure that future warfighters, leaders, and policymakers have the actionable information needed while reducing the number of incidents and/or loss of capabilities or information.
Learn how CIO caters to the needs of the Defense Enterprise customers. The Defense Intelligence Agency (DIA) Chief Information Office (CIO) Senior Representatives (CSR) are “the CIO – Forward Element” deployed around the world. These senior DIA civilian officers are CIO’s IT regional commanders deployed throughout your theater to serve federal government agencies, Department of Defense (DoD), Intelligence Community (IC), and International Partners. CIO delegated authority to the CSRs to engage with customers and partners on the integrated and comprehensive mix of CIO IT functions, to include governance, operations, and cyber defense activities. The IT infrastructure requirements of DoD, IC, and larger Federal government are uniquely complex and crucial to national interests and security, and require a holistic approach to effectively understand and fulfill customer requirements. CSRs are postured by authority and responsibility to provide CIO’s full catalog of IT capabilities and services to each supported mission. In so doing, the CSRs lead a lean process of functional handoffs and decision points. As capabilities and services move up the development chain toward delivery, service delivery is designed to simplify as it approaches customer touchpoints. The integrated CSR model regionalizes functional support under one strategic umbrella and puts the full CIO enterprise capabilities at the core of the customers mission space.
In collaboration with The Open Group, NASA SEWP (Solutions for Enterprise-Wide Procurement) helped develop the first International Organization for Standards (ISO)standards dedicated to SCRM. As a member of the government acquisition community serving federal technology buyers, the program brought together a team of SCRM Subject Matter Experts to help provide clarity to some of what many find very confusing, and to identify actionable efforts that agency personnel can take today into account for SCRM within their processes, workflows, and requirements.
Data, Data Science, Machine Learning, and Artificial Intelligence capabilities are key to equipping the Defense Intelligence Enterprise for Strategic Competition. It is essential DIA has a data science environment that is adaptable to new and emerging needs with modern tools that can be used for a multitude of data science use cases. DIA CIO is collaborating with multiple partners to deploy a Self-Provisioning Data Analytics Environment (SPDAE) utilizing existing GOTS products to deliver capabilities. This environment will optimize the use of containerization to easily adapt the environment with new GOTs or COTs tools. SPDAE will establish processes to move data science capabilities and products through Development and Test, to quickly transition to production. SPDAE will deliver an easy-to-use environment for analysts, engineers, and data scientists increasing productivity by eliminating hours spent installing and configuring applications in the cloud. It will also decrease costs associated with developing and maintaining multiple environments and enable the use of PII and other caveated data, thereby fostering secure data driven decisions.
The IC Data Strategy positions the IC in a “future ready” stance with the ability to respond to evolving needs, threats, and challenges. The IC Data Strategy aligns with other IC and Federal data strategies, and draws on recent progress to galvanize continual improvements in the discovery of IC’s data, expand data sharing and safeguarding, increase the speed of intelligence delivery, and improve tracking of data assets and needs. By implementing the strategy across the community, and in coordination with our partners, we can further advance discovery, access, and use of data at mission speed to meet our missions and maintain decision advantage.
As an emerging and disruptive technology, quantum computing is increasingly important to national security as the Defense Intelligence Agency focuses on Strategic Competition. The quantum panel includes perspectives from industry, Intelligence Community, and research and development quantum experts with a focus on quantum safe encryption, applications of quantum computing, major players in the quantum realm, and how we can collaborate to enhance quantum technology to meet the demands of Strategic Competition. Panelists will include subject matter experts from the National Security Agency, MITRE, and In-Q-Tel. This panel will be moderated by DIA’s Chief Technology Officer, Mr. Ramesh Menon.
Intro to DIA provides small businesses information on interacting with DIA, an overview of DIA’s small business goals, programs such as 8(a) and Mentor Protégé, where to find opportunities, and upcoming conferences or events.
IC Information Technology (IT) Accessibility Community of Interest (COI) developed a maturity model to assess and improve IT accessibility programs across the IC. This model was designed to help the Director of National Intelligence (DNI), IC CIO and IC elements determine effectiveness of their current IT accessibility programs, as well as to identify gaps and help develop capabilities that are needed to improve future performance.
The COI used this model to assess and compare key areas of IT accessibility programs across IC elements. The analysis and insights from this assessment were presented to IC senior leadership to foster awareness of the challenges and help implement best practices for IT accessibility within the IC. Program maturity levels can be used to define progress or process development for a new or established program. The IC IT Accessibility COI identified five levels to indicate the maturity for an IT Accessibility program organized within an IC agency/element. IC CIO will be presenting the model at the conference.
An assessment of the maturity of IC IT accessibility programs will enable the IC CIO to strengthen the IC workforce by ensuring accessibility for all employees. In turn, this assessment will further promote diversity, equity, inclusion, and accessibility (DEIA) as described in Executive Order 14035 and IC compliance with standards from Section 508 of the Rehabilitation Act of 1973, as amended.
This session will discuss DIA’s preliminary vision for the desktop of the future to include IT peripherals, wireless, multi-domain access with enhanced security filters, and asking for industry recommendations to enhance the user experience.
With the explosion in data collection and sophistication in the past twenty years, Intelligence Units are increasingly struggling to utilize desktop applications that are poorly suited to deal with data at scale and from multiple, disparate sources. Even worse, many will attempt to use one tool to drive all their analyses but not every tool is architected for every type of data. These approaches can lead to a hodgepodge of intelligence silos, tools, and practices that make it difficult for those without extensive technical knowledge to navigate their data. To address these problems and make analysis quicker and easier, many departments are turning to creating data warehouses or data lakes, only to be frustrated with the eventual result.
This presentation seeks to provide a path forward to any intelligence unit that is struggling with data volume, disparate data, dirty data, slow analyses or standing up an analytical unit from scratch. We will discuss three key topics in transitioning to a current best practices intelligence platform. These topics include transitioning from desktop to enterprise, from Bi analytics to network analytics and from relational databases to integrated graph databases. This presentation seeks to be accessible for all levels of technical capability, but is designed for those seeking a way to improve their current intelligence practices.
In an increasingly data-heavy multi-domain battlespace, the operational needs of today’s warfighter have become more critical. This means accessing best-in-class technologies to feed that need for speed during mission-critical events to rapidly move enormous volumes of data to where it is needed for AI/ML processing, storing, and decision-making. Join us as we discuss the keys to deliver advanced new tactical capabilities.
To provide an update on Torch and CIO’s accomplishments integrating Second Party Integree (2PI) partners.
The Baseline Service Central initiative reset the platform to baseline configuration, creating a sustainable platform with minimal technical debt. Join us as we share our journey and show you how rationalizing applications put us on the path to save millions of dollars for our stakeholders and freed their Officers to concentrate on important intelligence work instead of managing manual processes.
The Army Intelligence and Security Enterprise (AISE) continues to execute on the strategic lines of effort within its Information Management and Information Technology (IM/IT) Strategy. Strategic intent is translated into implementation and reality often requires concerted efforts to push through inertia, tackle obstacles, and manage risk to holistically drive organizational change. This briefing from the Army Intelligence CIO will provide his perspective on the progress by the AISE towards the strategic goals to modernize its Information Technology and Information Management portfolio. He will provide his lessons learned and priorities for its future given the continually evolving operating environment.
In FY22, the Army Intelligence and Security (AISE) Enterprise was faced with a critical decision. Faced with potential failure of acquisition and operational fielding requirements, do they continue on the current path of fielding a critical mission system to an on-premises datacenter on multiple operational networks or look for an alternative solution? Despite resourcing and organizational investments in the on-premises plan, the leadership made the swift decision to redirect the mission capability to the cloud. This briefing will describe the seven-month journey to accelerate the mission capability onboarding into the cloud across multiple networks, the cloud enterprise foundation that enabled the swift transition, the lessons learned gained by the AISE and capability stakeholders, and the evidence of its security posture resulting in Department of Defense (DoD) level recognition.