2023 DoDIIS Lunch and Learns

Breaking Barriers with Generative AI: Enhancing Systems Security and Data Sharing for the Warfighter

In the presentation “Breaking Barriers with Generative AI: Enhancing Systems Security and Data Sharing for the Warfighter,” we will explore the transformative potential of Generative AI in the context of emerging technologies to support the warfighter. This presentation directly addresses the theme of the conference, which focuses on the intersection of systems security, access management, and data sharing.

The Department of Defense (DoD) should care about the application of Generative AI because it offers a unique opportunity to overcome existing barriers and enhance the DoD’s systems security and data sharing capabilities. Generative AI has the power to revolutionize the way the DoD operates by enabling the creation of synthetic data, generating realistic scenarios, and simulating complex environments. This technology can significantly improve training, testing, and decision-making processes, leading to more effective and efficient warfighter operations.

By leveraging Generative AI, the DoD can enhance systems security by simulating and identifying potential vulnerabilities, predicting and countering cyber threats, and developing robust defense mechanisms. Additionally, Generative AI enables secure and controlled data sharing, allowing the DoD to collaborate with partners, share information across agencies, and leverage collective intelligence while maintaining data privacy and integrity.

The impact of embracing Generative AI in the DoD environment is significant. It empowers the warfighter with advanced tools and capabilities, enabling them to make informed decisions, respond rapidly to evolving threats, and achieve mission success. By breaking barriers with Generative AI, the DoD can enhance its operational effectiveness, improve situational awareness, and ultimately ensure the safety and security of the nation.

What can we do about AI?

Leveraging AI to augment our information forces gives us massive new capabilities. Adversaries know the same thing and are trying to do the same thing. A small amount of high-performance computing (HPC) in the right places will solve many problems of AI relating to deployment, engagement, and data ingestion in environments where data security and access controls are paramount.

Using AI in secure, reliable, resilient, rapidly updated ways will give us an edge. Relying on commercial cloud providers for all computing, R&D, and services for machine intelligence is a risky way to get that edge. Relying on commercial cloud for the foundations and using in-house HPC expertise and resources to deliver the last mile of machine intelligence will reduce risk and accelerate the adoption of secure, reliable, robust, and repeatable AI inside the enterprise.

Automation and Specialized AI to Accelerate Warfighter Impact

Today’s warfighter is more connected than ever before to a streaming vector of actionable intelligence. Platforms, systems, and data – all traversing an ever-increasing number of endpoints. As we look to events around the world as leading examples of how the battleground continues to change, we are called to action to improve both the offensive and defensive digital capabilities of our military. To win, our priorities must clearly align to automating heterogeneous environments at a moment’s notice, delivering consolidated AI-infused digital experiences to each warfighter, and leverage Automation and AI to protect our digital advantage.

Qrypt Technology Mitigating the Quantum Threat to Secure Communications

Scaling quantum computers will eventually break the digital security used in virtually all modern data networks. For decades, our adversaries have been collecting encrypted communications with the intention of decrypting and operationalizing it when larger quantum computers become available. This Cold War technique is known as “harvest now, decrypt later” (HNDL); it makes headlines today because quantum computers can break our existing algorithms by brute force. The transition to Post Quantum Cryptography (PQC) does not solve the HNDL problem because the new algorithms have no mathematical proof of hardness. As such, NIST advised developers to be “crypto-agile” and prepared to replace PQC at any time in the future.

For decades, implementation errors, weak encryption keys, poor randomness, corrupted software libraries and a variety of attacks resulted in the total exploitation of stored HNDL data. The issue is fundamental to the single-points-of-failure in public key infrastructure (PKI) which is based on a 1970s architecture predating the internet, cloud, virtualization, and containerization used in modern information systems. Qrypt leverages multiple quantum entropy hardware sources and distributed software algorithms to enable end-to-end-encryption (EE2E) with simultaneous key generation at any endpoint. This mechanism decouples the data from the decryption keys, eliminates key distribution and is unaffected by multiple weaknesses in the system, including the potential failure of the PQC algorithms and insider threats.

The modern warfighter will operate in converged PKI environments on 5G/6G networks, using autonomous systems, in smart cities, built on technology under adversarial control. Secure communications will need much higher levels of assurance than currently possible. Incremental improvements to classical techniques will be insufficient in the quantum era.

Containerized Digital Engineering Applications Through Multilevel Security Architectures

Scott Devitt, GDMS
Brian Newson, GDMS

The GDMS Chief Engineer for Multilevel Security, Scott Devitt, will demonstrate and explore real-world SAP use cases with MLS containers for DE Environments. During his 37 years with General Dynamics, Scott has designed, built, installed, and maintained classified capabilities for the DoD and IC including operational mission cells supporting forward locations with multiple stove piped networks at different classification levels. His presentation will highlight the value of a DE polyinstantiated or containerized framework in safeguarding SAP data and the benefits of leveraging a multilevel file share when working across multiple connected classified environments. It will also discuss the challenges faced in integrating the innovative capability into legacy stovepipe SAP networks with existing applications and explore potential solutions.

In summary, these three leading edge MLS DE design patterns present a robust set of solutions to the growing challenge of collaborating and working effectively in the ever-complex SAP community. By leveraging this capability, organizations can bolster security, consolidate costly licenses across networks and safeguard their most valuable data while also dramatically improving user operational efficiency on their primary network. By employing containerized applications, data transfers between networks are eliminated, reducing the risk of information leakage through unauthorized channels.

DoD Supercomputing for Special Programs and SCI Projects

Kelly Dalton, AFRL
Jonathan Thompson, AFRL

This is an update to last year’s presentation regarding an effort to provide DoD funded, shared supercomputing to the acquisition engineering, research, development, and test & evaluation communities. Large scale supercomputers are funded by the DoD High Performance Computing Modernization Program for the purpose of providing no-cost computing to scientists and engineers working on DoD problems. Contractors can also access these resources under a DoD contract involving an RDT&E project. This unclassified/CUI presentation will provide information regarding current status and future plans by the Department of Defense to provide continued access to free supercomputing resources to government and contractors supporting special programs and/or SCI-related projects in the research, development, acquisition, and test & evaluation mission areas. Specifically, the large-scale computing resources provided by the DoD High Performance Computing Modernization Program (HPCMP) will be discussed as well as how to access these resources. The supercomputing systems undergo a recurring technical refresh funded by the DoD HPCMP. The individuals/organizations do not pay for compute time or storage on the DoD supercomputers as these are funded through the DoD HPC Modernization Program.

Detection of Adversarial FOCI in Open Source Software

USG has prohibited acquisition of hardware from sanctioned entities and excluded those companies from doing business in the United States. But most program managers don’t realize that those same sanctioned entities and foreign adversaries actively develop, maintain and control software dependencies used by classified military programs. While these dependencies can theoretically be code-reviewed before approval, they’re almost never reviewed beyond a one-time check for viruses or known vulnerabilities – with little to no monitoring of upstream risks. And even if their source code is reviewed, there’s no chain of trust between repositories and published packages.

This talk will illustrate how Chinese and Russian developers are positioning in the upstream software supply chain, how that risk can be detected and how it can be managed in an automated way, at scale, in the absence of any known or detectable vulnerabilities in the code. Single-maintainer projects belonging to Russian government employees have been identified in federal APIs that handle highly sensitive data at high scale. The ecosystems in which adversarial entities are active include AI/ML used in defense, which was the subject of a year-long analytic project that Ion Channel (recently acquired by Exiger) executed for DTRA. The data backplane for identifying adversarial FOCI in upstream software dependencies has both defensive and offensive value in software-intensive programs and missions.

How AI Can Support Data Security in the Cloud

Kathleen Featheringham, Maximus
Michael Sieber, Maximus
Frank Reyes, Maximus

As the Defense Department (DoD) continues its cloud modernization journey with the Joint Warfighting Cloud Capability (JWCC) and other programs, managing sensitive data in the cloud is a top priority and cybersecurity challenge.

Emerging technologies such as artificial intelligence (AI) offer novel strategies to fortify cryptographic practices, enhance data encryption, and bolster cloud security.

Reaping the benefits of AI-powered cloud security requires good data practices and data governance as well as proper configuration management and modern encryption strategies to ensure data security.

This session aims to address common cloud security concerns and outline use cases for comprehensive cybersecurity and encryption practices powered by AI to properly manage sensitive data in the cloud.

Building The Secure Future: Large Language Models & Secure Classification Review

Jack Gumtow, MetroStar
Cedric George, MetroStar
Joe Early, MetroStar

With decades of sensitive government documents requiring classification review, manual human intervention has been vital but cumbersome. While some technologies aid the process, none—to-date—reduce the cognitive load of a human reviewer. DeCypher (an AI solution) employs cutting-edge language models and classification guidebooks, delivering swift, explainable, and automated classification, markup, and redaction with the essential oversight of human expertise. This talk aims to discuss how we can embrace the future of secure and efficient document classification by diving into the game-changing innovation of AI and Large Language Models.

Insights Unveiled - How Blockchains Are Shaping Our Warfighter’s Digital Future

Derek Claiborne, Chainalysis
Brian Smith, Chainalysis

Web3 is all about innovation and collaboration – but with that comes heightened risks. Chainalysis has a commitment to creating a safer environment for all who enter the world of Web3. In this discussion, we will explore blockchain’s potential in addressing challenges faced by our warfighters. The evolving threat landscape involving strategic competitors, rogue nations, and terrorist groups is examined, with a particular emphasis on their exploitation of cryptocurrencies for illicit activities. The role of blockchain technology in countering these threats is then elucidated, showcasing its characteristics like decentralization and transparency.

This includes a deep dive into using blockchain for geolocating threat actors and tracking illicit activities. International collaboration and the integration of blockchain-based intelligence into defense strategies are discussed as well. Challenges, considerations, future prospects, and recommendations for blockchain adoption in cybersecurity and defense form vital segments of the discourse, ultimately underlining the significance of embracing emerging technologies like blockchain to empower warfighters and enhance national security in an ever-evolving digital landscape.
Audiences will gain a comprehensive understanding of how blockchain technology can effectively address blockchain-enabled threats and enable the geolocation of threat actors in the realm of cybersecurity and defense. They will also recognize the pivotal role of international collaboration and blockchain integration in bolstering national security efforts across evolving global challenges.

Zero Trust Network Access 2.0

Mark Reyero, Palo Alto Networks

Delivering zero trust at an enterprise level begins with a fundamental change in how the DoD builds its cyber security architecture to prioritize both security and performance. Zero trust is built upon the foundation that there is already a malicious actor or compromised data or devices within the enterprise. This assumption creates a need for a process of continuous validation of users, devices, applications, and data in an entirely controlled and visible manner. With Palo Alto Networks’s Zero Trust Network Access 2.0 (ZTNA 2.0), coarse-grained access controls based on an “allow and ignore” model is left behind to introduce a consistent least-privilege access control model focusing on application layer security inspection.

Defense Technical Information Center Overview

Yvette Jacks, DTIC
Christopher Hunt, DTIC
Matt Poe, DTIC

Aligned to OUSD(R&E), the Defense Technical Information Center (DTIC) is the DoD’s central S&T knowledge and analytics center. DTIC’s Deputy Administrator, Chief Data Officer and Chief Technology Officer will provide an overview of DTIC, some exciting AI and ML capabilities we are building out, the ROI of DTIC’s centralized capability, and how the DoD S&T community can engage and partner with DTIC. Attendees will also learn about DTIC’s digital modernization journey, experience implementing DevSecOps, and gain insights into DTIC’s pathfinder experience working with DoD CIO to achieve the Department’s second ever continuous authority to operate (cATO).

Outprocessing the Checklist

Rob Case, DON SAP CISO

An examination of the Risk Management Framework as a dynamic cybersecurity program featuring Cyber Hygiene, Cyber Readiness, and Continuous Compliance as prime disciplines. The end in mind is to finally mature beyond checklists and firefighting, develop locally relevant threat intelligence programs, prepare for continuous ATOs with fully developed ConMon programs, and generate feedback loops between the monitors and responders. This presentation explores the Risk Management Framework and JSIG control families as features of Cyber Hygiene (management of the authorized) and Cyber Readiness (management of the unauthorized) and encourages RMF practitioners to go beyond the ATO. The concept of outprocessing the checklist is encapsulated in a change of mindset; completing a task is not compliance and compliance is not security. Narrative-based bodies of evidence authored and informed by ISSOs are insufficient. Cybersecurity practitioners must seek system-based artifacts as their proof of configuration and ISSOs must be informed by the system.

Enabling Human-Machine Collaboration with Visual Analytics

Chad Steed, ORNL

Visual analytics is a viable approach for enabling human-machine collaboration in today’s most challenging data analysis scenarios. While the increasing volume and complexity of modern data sets severely limits the viability of purely manual, human-centered strategies, most data analysis tasks are inherently exploratory (meaning the user doesn’t know all the questions they may ask of the data beforehand) and require interactive query capabilities. Visual analytics solutions that balance human and machine strengths are ideal, but achieving such a balance is not trivial. It requires judicious orchestration of human strengths, namely creativity, intuition, visual perception, and cognition, with the computational power of machines and the automated algorithms that run on them. In this talk, I will discuss modern data analysis challenges and how visual analytics tools can help solve them. To illustrate these ideas, several visual analytics systems will be described with an emphasis on the integration of human interaction, data visualization, and algorithmic guidance into flexible tools. I will also highlight the application of these tools to real-world applications in explainable AI, sensitivity analysis, multivariate analysis, and text mining. I will conclude with an overview of active and future visual analytics work.

AI Defined Networking

Caleb Snow, WWT
Kimberly Haines, WWT

AIDN leverages state-of-the-art machine learning and artificial intelligence algorithms to detect and respond to even the most advanced and elusive threats. It identifies malicious activities in real-time, minimizing the potential impact of attacks. Through continuous monitoring through AIDN, your organization enjoys 24/7 monitoring of your digital infrastructure. AIDN provides immediate alerts and proactive threat remediation to prevent breaches before they occur.

Through our User-Friendly Interface, our intuitive, user-friendly dashboard simplifies the complexities of cybersecurity management. It offers real-time insights into your network’s security posture, allowing for informed decision-making. AIDN is designed to grow with your organization. AIDNs threat intelligence integrates threat intelligence feeds from multiple sources, ensuring you stay ahead of emerging threats. This knowledge helps AIDN adapt its defenses and protect your organization from new attack vectors.

Intelligent Physical Infrastructure Solution for Zero Trust

Mohammad Raza, Green Lambda

Network infrastructure has to allow the administrators to understand, see, and monitor exactly where threats can enter the network. Add to this, intrusion detection, the ability for intrusion prevention and you have a network ready for government level security.

Mission Collaboration - Bringing the Power of Government and Industry Together with their Data

Kenny Bowen, Microsoft
Rebeka Melber, Microsoft

Historically, the DoD SAP Community has faced a glaring challenge – one of disconnection. Over the past decade, a remarkable transformation has taken place. Thanks to a roll out of enterprise-level SAP capabilities over the past decade, connectivity has surged to unprecedented levels. These advancements have become the backbone of an entirely new era, opening doors to a consolidated stream of data that is poised to reshape the landscape of national defense. The proliferation of Cloud Service Providers (CSPs) authorized for SAP data further signals the dawning of this transformative era. In the midst of this technological evolution, it’s crucial not to overlook the basics. While the buzzwords of Artificial Intelligence and Machine Learning are reshaping our technological landscape, the foundation for these innovations must be steadfastly established. Our success hinges on getting the fundamentals right, ensuring that the most fundamental functions are in place. Collaboration emerges as the cornerstone that will pave the way towards a truly robust and effective national defense strategy. This talk will delve into the narratives of the past, the dynamic landscape of the present, and the exciting potential of the future. It encompasses communication between Defense Industrial Base (DIB) and Government, Enterprise and Mission Users, and General and Privileged Users. As we stand on the precipice of unparalleled technological advancements, it is our responsibility to steer this transformation with clarity, unity, and a shared vision. Through collaboration and convergence, we shall not only bridge past disconnects but also construct a foundation for a stronger, safer, and more technologically empowered future.

All Components Left Behind: Assessing the Troubling State of our Technology Supply Chain

John Loucaides, Eclypsium

Not a month goes by without another deep vulnerability in CPUs, memory, BIOS, BMCs, or some other component buried inside nearly every piece of IT equipment. While these issues sound serious, the very premise of these components is to abstract away hardware details. With adversaries known to be exploiting these bugs, how can we assess vulnerabilities not mitigated by traditional endpoint security solutions?

In this talk, John will explore some of the technical issues related to cyber security of the supply chain. He will explain the most common issues, how to check for them, and how to avoid being taken by surprise. Having personally been involved in research into and coordinated disclosure of serious platform-level vulnerabilities, John will speak from personal experience (both within USG and outside) to suggest practical solutions involving both open source and commercial tools to help with this evolving problem. After discussing issues that affect firmware updates, end of life, component vulnerability scanning, integrity checks, and sanitization/destruction, attendees will discover that even though perfection is impossible, all is not lost.

Spill Coffee Not Data: How to Secure Sensitive Assets and Avoid Being Roasted by Adversaries

Andrew “AJ” Forysiak, Varonis
Chad Mason, Varonis

The United States faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public, private sector, and ultimately, the American people’s security and privacy. By implementing Zero Trust (ZT) across all agency systems, the U.S. government seeks to protect high-value assets, but without first building a solid foundation, any zero-trust architecture will be largely ineffective and unwieldy. Agencies must now strive to provide best-in-class zero trust-based security while satisfying compliance requirements such as EO 14028, DOE O 471.1, and OMB 22-09. Zero Trust represents a paradigm shift in how we think about protecting our assets and requires a multi-phased process to deploy successfully.

Scalable AI, Blockchain and Cyber Solution for the Warfighter

David Metcalf, UCF

AI, Blockchain, and Cybersecurity (ABC) advances are reshaping the enterprise solutions that support the warfighter. This session provides a survey to explore use cases under development at University of Central Florida’s Institute for Simulation and Training including the ARO sponsored Blockchain and Quantum Defense Simulator for multi-protocol prototyping, modeling, and testing, Army TRACRChain Blockchain for automated range data from TRACR2, and Navy Project AI Avenger analysis of AI media scrubbing tools. A review of design, standards, early results, and scalability opportunities and issues will be shared. Synergy with other projects and next steps in ABC solutions to meet emerging requirements for cross-warfighter solutions will be presented. Tangible examples include a digital twin prototype to combine operational readiness and trusted career-spanning data from recruit to retire and a quantum computing cyber awareness and AI Assurance simulation platform. Using platforms like digital twins, quantum-as-a-service, large language models-as-a-service, and advanced simulations allow Commands to explore specialized use case, protocols, standards, and scalability before committing vital resources – leveraging modeling, simulation and analysis techniques such as NSF ICorps and Hacking for Defense. Concluding remarks include discussion of methods of collaboration between military, industry, and academia to leverage public university research and other nonprofit entities.

Zero Trust to Empower Mission – Building the Enterprise Data Architecture for SAP/CAP

Josef Allen, USAF
Adam Gruber, Applied Insight
James Skelton, Applied Insight

Those defending our nation depend on access to accurate, timely information – and must manage large amounts of data from more sources now than at any other point in history. Disparate data sources, networks, and classification levels currently make it impossible for users in SAP and CAP environments to view data within a single standardized and normalized lens, limiting mission agility and increasing the time between data ingest and incorporation into command decisions.

To overcome these limitations, mission teams must currently develop custom tools and rely on manual processing of information to aggregate data and inform decisions. Feature gaps in pre-existing cloud capabilities within SAP environments further inhibit Guardians and other teams from efficiently leveraging cutting-edge technological capabilities to satisfy mission requirements, such as real-time data streaming, access to native cloud resources, and multi-cloud capabilities.

Providing holistic data processing in SAP environments presents three major challenges: data transfer across and between classification fabrics, data access governance, and multi-tenancy. Additionally, implementing a fully comprehensive Zero Trust Architecture is paramount.

This problem is complex, but with the right tools it is solvable.

To accelerate data sharing to mission teams in a Common SAP across classification fabrics and disparate networks, USSF built a highly scalable, multi-tenant, ATO’d environment – empowering program teams to migrate critical mission workloads to the cloud while maintaining logical separation of those workloads. Additionally, the USSF team designed and implemented a cutting-edge data management capability that enforces Zero Trust access to data assets leveraging a cloud-based architecture.

Federated Data Management at the Tactical Edge

Caden Bradbury, NetApp

AI models are only effective if they can be utilized in the most extreme tactic edge scenarios. (Think: in the back of a Humvee, on a Naval Ship, in a remotely operated drone, etc.) While the training of accurate models is vital, the biggest challenge in these edge environments is moving data and models to and from the tactical edge to core data center.

Models must be continuously improved to be used effectively. They must perform at the highest level possible for the DoD. This is especially true in life-or-death scenarios, like automated target acquisition models. To optimize models, new data must be continuously fed to the algorithm.

ExtraTerrestrial Networks: Exploring WAN in the Final Frontier

Wilbur Smith, Arista Networks
Lindsay Clarke, Arista Networks

In this presentation, we delve into the challenges and possible solutions when designing a unified, multi-domain network architecture that seamlessly integrates a diverse range of platforms: GEO & LEO satellites, airborne platforms, terrestrial networks, GovCloud transit, and trans-oceanic cables. This architecture not only ensures dynamic, encrypted, and secure multi-access networks, but also incorporates a self-healing fabric that can adapt to signal-denied environments while reducing operational load.

Complementing this vision, we will explore the paradigm shift from legacy network operating models towards a software-centric ‘modern operating model’. Here, configurations are procedurally generated by automation that incorporate variables from multiple discrete systems-of-record. We also simulate network changes in a virtual twin environment, deploy to the network upon completion, and generate comprehensive documentation of the change.

Leveraging AI/ML to Automate & Expedite Cyber Threat Hunting

Gentry Lane, ANOVA Intelligence

We’re looking for more DAOs to participate in a JFHQ-DODIN sponsored pilot. Nemesis is a novel computational software platform that addresses current capability gaps required to sustain deterrence in the cyber domain. By leveraging new discoveries AI/ML/DL, Nemesis functions as a global, interoperable, standardized cybersecurity software platform for early detection, rapid attribution, secure intelligence sharing, and global situational awareness of advanced persistent threat activity in DoDIN endpoints. Nemesis R&D was funded by DHS & DoE at Oak Ridge National Laboratory.

Defense Intelligence Enterprise Data and Analytic Services (OUSD(I&S))

In order to face the challenges posed by great power competition in the digital age, the Defense Intelligence Enterprise (DIE) must adapt its mindset and approach by embracing digital transformation. The DIE must accelerate digital transformation efforts to efficiently and effectively share data, information, and intelligence among Military Services, Defense Agencies, and Combatant Commands. A critical enabler of digital transformation is a seamless digital foundation. The Digital Foundation includes the services comprising the digital substructure that enables rapid deployment, scaling, testing, and optimization of intelligence software as an enduring capability. A digital foundation will achieve a simplified, synchronized, and integrated multi-cloud environment that can adopt innovation at scale and promote good cloud hygiene. The delivery of a Digital Foundation ensures DIE data, architecture, and infrastructure are integrated and ready to enable: Joint Warfighting Concepts, Innovation at Scale, AI, Augmentation, and Automation, and Zero Trust.

DIA's Journey to Zero Trust (DIA)

As the agency has begun its journey to transitioning to Zero Trust, we have been meeting with industry partners to discuss best practices in order to support the objectives identified in National Security Memorandum 8; Improving the Cybersecurity of National Security, Department of Defense, and Intelligence Community Systems. We have initiated a prototype effort exploring innovation opportunities in order to enhance core service offerings contributing to the Zero Trust journey. This brief will highlight areas we are collaborating with community and industry partners to adapt our environments to be positioned for supporting future mission requirements with a secure data-centric enterprise.

DCSA Ai Cloud Exploration (DCSA)

Defense Counterintelligence and Security Agency (DCSA) is collaborating across the Defense/Intelligence Communities to advance application of artificial intelligence (Ai), to thwart the rapid pace of threats posed by our adversaries. This presentation will show our efforts on the structuring of data and consolidation of unique Ai and cloud tools, and enterprise cross domain services to manage cost, mitigate risk, and increase mission effectiveness.

Common Data Fabric (CDF) | Rapid Data Sharing With the Warfighter (DIA/CIO)

The ability to access data necessary to make battlefield decisions at the speed of relevance is critical to the Nation’s defense and tactical advantage. The Common Data Fabric (CDF) fast data broker is an evolution in data sharing across silos, organizational and mission boundaries making data available to any consumer machine that can enforce data policy. The CDF is a cloud-based commercial software data brokering capability that functions anywhere a connection can be established and easily integrates with existing and legacy architectures to make data available to U.S., Joint Taskforce Warfighters, US Allies and Mission Partners. CDF is deployed by the Defense Intelligence Agency (DIA) and is a foundational pillar of the data sharing vision of the Secretary of Defense as we transform the digital ecosystem towards an Enterprise Construct.

Improve Your Customer Journey Across Multiple Channels (DIA/CIO)

CIO has applied Service Delivery Modernization to improve the customer experience. We have implemented large efforts to stand up In Person Service Centers, integrated Live Chat on the desktop, ensured our Knowledge Articles and IT Equipment Catalog are 508 compliant, Service Central automated workflows, @CIOTechTips, and small initiatives to improve IT training/lab sessions for our new officers, and play jazz music for our listeners as they wait for a technician to answer their questions. This presentation will be an opportunity to share the advanced services that have been implemented, share our journey map, and to hear from our customers in a question and answer session about what improvements they would like to see. We’ll introduce the 13 December 2021 Executive Order on Transforming Federal Customer Experience and Service to Rebuild Trust in the Government and time permitting, explore self-help options that are available (Self-service-password-reset, go words, cross domain dialing, extension mobility, virtual desktops, etc.)

Raising the Bar for Cybersecurity Beyond the First Line of Defense: How NITAAC GWACs Can Help (NIH)

In 2018, there were more than 31,000 cybersecurity incidents affecting government agencies. In 2019, the U.S. government accounted for 5.6 percent of data breaches and 2.1 percent of all exposed records. It is imperative the US Government secures citizens’ information and federal agencies must continue to deliver services, regardless of cyber-attacks seeking disruption of those services. Fortunately, significant strides have been made to ensure just that. The Biden Administration’s budget request includes roughly $10.9 billion for civilian cybersecurity-related activities, which represents an 11% increase compared to 2022. To date, over a billion dollars has been awarded through NITAAC for cybersecurity solutions including training and awareness programs, professional and technical support services, and IT modernization for the Department of Defense, Department of Veterans Affairs, Department of Agriculture, Department of Justice, and more. In fact, all aspects of cybersecurity products, services, and commoditized services are readily available under the three Best in Class GWACs that NITAAC administers: CIO-SP3, CIO-SP3 Small Business, and CIO-CS. NITAAC’s federal customers can quickly obtain cybersecurity solutions without the tedious processes under FAR Part 15; instead using FAR Part 16.5 to issue task and delivery orders quickly and easily for mission requirements. Customers also have access to NITAAC’s secure electronic government ordering system (e-GOS) to further streamline competition, management, and award. During this session, NITAAC Deputy Director Ricky Clark will provide an overview of the NITAAC GWACs and discuss how as the U.S. government continues to roll out mandatory cybersecurity standards for government agencies, NITAAC can help agency partners raise the bar for cybersecurity beyond the first line of defense.

Leveraging Cloud to Address Exponential Growth in Modeling & Simulation (M&S) (Army G2/NGIC)

Starting in FY23, the National Ground Intelligence Center (NGIC) must rapidly respond to exponential growth in Modeling and Simulation (M&S) requirements. As a key initiative nested in its Modernization Strategy, the NGIC is shifting its reliance from on-premises infrastructure to focusing on mission solutions using cloud services to anticipate, adapt, and respond to fluctuating mission demands. This briefing will describe the Army Military Intelligence (MI) Cloud Computing Service Provider (AC2SP) M&S environment as the scalable solution to meet these mission requirements for the Army Intelligence and Security Enterprise (AISE) across three operational networks.

DIA’s Ongoing ICAM Journey (DIA/CIO)

Present DIA’s current Identity Credential and Access Management modernization effort and ask for industry best practices for the future of the field. Present how well we are doing and describe our journey.

DIA Platform (DPaaS) – Enabling Multi-cloud Application Architectures (DIA/CIO)

The DIA Platform-as-a-Service (DPaaS) is an enterprise container management platform enabling application developers to build to a single standard that provides advanced and commonly used technical enterprise services necessary to decrease development time while achieving strategic competition goals.

DPaaS enhances a developer’s ability to focus on functionality, enabling mission applications to be rapidly prototyped and move at the speed of mission by reducing technical overhead.

This functionality coupled with DevSecOps and the Capability Delivery Pipeline (CDP) enables applications to be developed and deployed securely, quickly, and easily no matter the location or infrastructure, freeing up development teams from tedious and complicated deployments.

NSA's Standards and Certifications: Shaping the Cybersecurity Marketplace (NSA)

The DoD and the US more generally is increasingly dependent on commercial products that provide crucial elements of our cybersecurity. Located in NSA’s Cybersecurity Collaboration Center (CCC), Standards and Certifications plays a significant role in shaping the marketplace for these products across the lifecycle of development. Through its leadership in standards bodies (ensuring that critical security requirements are built into the standards that commercial products implement) and its leadership of the National Information Assurance Partnership (which sets the testing requirements for commercial products that will protect classified information and systems), Standards and Certifications establishes a baseline that products will be built to and tested against. The placement of Standards and Certifications in the CCC enables it to bring to bear relationships with Defense Industrial Base companies as well as NSA’s enormous capacity for threat intelligence to inform and strengthen the standards and certifications mission. This talk will provide the audience with an overview of NSA’s standards and certifications programs, give examples of how the programs raise the level of security in commercial products that protect DoD systems and describe how our DoD customers can help us by providing concrete requirements that strengthen our bargaining position in standards development organizations.

Extended Reality In The Government (DIA)

This panel will consist of experts from DIA’s Academy for Defense Intelligence and industry to discuss how extended reality technologies (augmented reality, virtual reality, etc.) can impact the workforce by enhancing everything from training to daily operations. Bring your curiosity, questions, and vision for the future as we examine the art of the possible!

Model Driven DevOps for DoD Network Operations

Develop Network Infrastructure More Rapidly, and Operate It More Securely and Effectively.

Using model-driven DevOps and the Infrastructure as Code (IaC) paradigm, teams can develop and operate network infrastructure more quickly, consistently, and securely–growing agility, getting to market sooner, and delivering more value. This is a pragmatic talk about implementing model-driven

DevOps for infrastructure. It contains insight in to lessons learned and illuminates key differences between DevOps for infrastructure and conventional application-based DevOps.

Whether you are a network or cybersecurity engineer, architect, manager, or leader, this talk will help you suffuse all your network operations with greater efficiency, security, responsiveness, and resilience.

Leveraging Disruptive Graph-Based Views for Better Decision Making

This session will describe how to leverage graph database technology to enhance analysts’ ability to fuse together and interact with extensive volumes of data from disparate intelligence feeds, both controlled/protected and publicly available/open source. These disruptive graph-based views can be integrated into most existing analysis platforms, extending and providing more immersive views and experiences with data and the ability to extract meaningful and actionable insights as data volumes increase in size and complexity.

Through these new graph database views, analysts interact with data represented by nodes and edges. This flexible data architecture allows for rapid filtering of data layers, producing a truly immersive environment filled with color, highlighting, line thickness, borders, icons, badges, and more, allowing the analyst to fully leverage graph database node and edge methodology. These visual cues help the analyst to find and link critical pieces of data together, providing highly reliable information that the analyst uses to see data more clearly, make more accurate predictions, and be confident in their decision-making.

The Future of CIO (DIA/CIO)

Join the DIA Chief Information Officer, Mr. Doug Cossa, as he moderates a discussion on the future of CIO considering the ever-evolving landscape of Information Technology. Panel members will feature junior civilian personnel across DIA CIO—the forces on the ground implementing DIA CIO’s key initiatives and riding the waves of the latest technological advancements. Through this session, attendees will gain a better understanding of DIA CIO’s current successes and challenges from the action officer viewpoint. Further, attendees will gain insight into how the Intelligence Community and Department of Defense must continue to evolve to enable mission.

NGA’s Common Operations Release Environment (CORE) and DIA’s Capability Development Pipeline (CDP) (NGA-DIA/CIO)

The IC treats data and software as strategic assets. The IC transcends strategic competitors through innovation, adaptation, and collaboration by facilitating a shared environment for software modernization. We set the foundation for success via common software environments, which provides a mature, versatile DevSecOps environment for internal and external teams. This game-changing tool suite and associated approach provides the fastest way to deliver mission-specific software — independent of the underlying data and infrastructure. It enables teams to have quick delivery to operations, security early on, and the benefit of code sharing and reuse. This presentation will provide an overview of that ecosystem and will focus on how:

Internal and external DoD and IC teams are provided with:

Industry leading DevSecOps capabilities.
Parity of tools on all security domains.
Low to high automated movement of code and artifacts.
Maturity of capabilities

How to onboard:

Completion of the external team questionnaire hosted on Intelink at https://go.intelink.gov/ku5ZQH2
Coordination of a service agreement and funding.

Challenges

Reciprocity
People/Process

Innovation and Emerging Technology Adoption (DIA/CIO)

This panel will provide insights from DIA’s Chief Financial Office, Future Capabilities and Innovation, and the DIA representative to InQTel on how DIA is working to leverage contractual vehicles to best support the adoption, purchase, and curation of innovative solutions and emerging technologies needed to address enterprise challenges. Come with your questions and notebooks to learn more about these unique partnership opportunities in the critical emerging technology and innovation spaces!

Impacts of Artificial Intelligence on Space Domain Awareness and Strategy (DIA/CIO)

The ongoing strategic power competition along with the adversarial implementation of innovative technology, such as Artificial intelligence (AI), has emphasized the need for increased awareness and strategic warning in nearly every warfighting domain. Increased use of this technology provides a unique challenge and strategic avenue for the U.S. Intelligence Community and its partners as they seek to maintain their competitive edge in the era of near-peer adversary competition.

This research project addresses Edge AI technology affecting the U.S. strategic defense posture in the Space Domain. The use of this dynamic technology in one of the most influential and uncharted mission spaces lends an insightful discussion on the cascading effects of AI advancement. This project has the potential to lend itself to further engagement with the private sector, as well as future substantive research projects.

To address our methodology, we will divide this research into a discussion on the existing technologies that would be impacted given the event of a flash war in space. Discussion on the interconnectivity and vulnerabilities of these systems, the way Edge AI would be able to potentially augment or damage the intended functionality of these systems, as well as the legal ramifications for the use of edge AI in the space domain. It would include communications satellites, GEOINT constellations, ground nodes, and cloud data storage.

It is important to note that though policy capabilities and funding specific to each military branch are important considerations regarding AI employment within the Joint All Domain Command and Control (JADC2) architecture, expanding these topics in detail would extend beyond the scope of our project.

Enhanced Domain Awareness (SOUTHCOM)

As the enterprise modernizes the CIP/COP, it does so on the classified domains. As an alternative, EDA is a secure, virtual environment on the UNCLASSIFIED domain where SOUTHCOM, interagency, and allied/foreign partners can collaborate and share information on security challenges affecting the SOUTHCOM AOR – strategic competition, IUUF, migration, illegal mining, etc. The program ingests and standardizes multiple datasets (PAI, CAI, academia, non-traditional partners, etc.) for participants to exploit and develop their own intelligence. The shared environment also enables the creation of Communities of Interest (COI) for further collaboration between entities. EDA is resonating amongst the OUSD I&S, OASD R&E, JADC2, JS J28, Cogent Way, Thunderstorm, and other programs/organizations as the future enterprise prototype solution for information sharing and knowledge graph capabilities.

CIO Storefront (DIA/CIO)

In partnership through the Desktop Environment (DTE) Integrated Program Office, DIA CIO is collaborating to extend components of its TS/SCI Common Operating Environment (COE) domain as a service offering. The CIO StoreFront concept will meet current and emerging requirements centered on deliberate, efficient and repeatable processes for an unmatched customer experience.

DIA's Cyber Strategy (DIA/CIO)

This session will describe and clarify DIA’s Cyber strategy aligning our priorities with the DIA Director and CIO.

Topics of discussion/clarification will include our alignment and way forward pertaining to the National Security Manager (NSM-8) and the Cyber Executive Order 14028 improving the Nation’s Cybersecurity. 1. Modification of Cyber Security Tools 2. Risk Management Framework (RMF) 3. Zero Trust, 4. Agile DevSecOps pipeline 5. Information System Security Manager (ISSM) and Continuous Monitoring.

Don’t Lose Your Investment! Integrate Cyber Supply Chain Risk Management within Acquisition & Engineering Strategies (DIA/CIO)

For a number of years, strategic competitors have exploited and subverted vulnerabilities in the DoD/IC supply chain. These adversarial efforts, which includes stealing U.S. intellectual property, results in decreased confidence in securing critical solutions, services and products delivered to the DoD. Contractor facilities supporting hardware/software design, development, and integration are frequently targeted as cyber pathways to access, steal, alter, or destroy system functionality. Since malfeasant activities can compromise government programs or fielded systems, DIA continues to evaluate and implement efforts to harden its supply chain commensurate with the risk to national security. Within DIA’s implementation of the Risk Management Framework, DIA has aligned cyber supply chain risk management with the acquisition process and engineering strategies. These efforts enable DIA to create a framework for cybersecurity due diligence – influencing the Intelligence Advantage.

This session will describe and clarify DIA’s implementation of the DoD/IC supply chain risk management program. Specifically, the briefers will discuss how Cyber supply chain risk management has been integrated within cybersecurity, engineering, and DIA’s acquisition strategy. Both internal and external customers will also obtain knowledge of: (1) How to obtain DIA’s SCRM Services, and (2) best practices to actively and pre-emptively address supply chain threats.

Intelligence Community Cybersecurity Improvements (ODNI)

While detailed information would normally be provided on a need-to-know basis at classified levels, our session will not cover any details that would expose classified information. Since this conference is unclassified, we are only going to speak to large trends, concepts, and generic activities. There will not be any details provided to attendees about any particular agency’s status, and we will not be discussing vulnerabilities that could be exploited by adversaries.

Adaptive Networking for Resilient Collaboration

The convergence of new networking paradigms including 5G cellular and satellite constellations with global coverage provides novel opportunities for defense innovation, leveraging commercial technologies for failsafe communications and collaboration. Overlay technologies such as SD-WAN enable adaptive, highly available networks to be established on-demand for strategic advantage, securely connecting over any available paths. These capabilities transcend traditional architectures, delivering continuous transmission for mission-critical applications and real-time decision-making, benefitting connected devices and command and control alike.

Achieving Zero-trust with an Ambient Service Mesh

Service mesh can play an important role providing a zero-trust networking foundation, however, it also poses a few operational and security challenges. First, in current implementations, a service mesh is opt-in by deploying a sidecar process with the secured resource. Second, tying infrastructure components into application deployments makes it more difficult to patch and upgrade when vulnerabilities are discovered. Lastly, current service mesh implementations can be difficult to extend to existing workloads. In this talk, we dive into an “ambient” service mesh that runs without sidecars and addresses these previous issues without trading off zero-trust properties.

Deploying AI to Supply the Warfighter

The Public Sector must deliver on ever-expanding missions while battling against siloed legacy applications and vast, untold volumes of information. This session will explore how Defense Logistics Agency, a 26,000-person combat support agency for the U.S. Department of Defense, has treated AI-powered content management as a strategic tool to save time and energy to supply the warfighter. Learn how DLA has gained an information advantage in supplying the U.S. military with its equipment needs.

Topics covered will include military moves, supply chain and audit readiness, content services, intelligent capture, password complexities, and unstructured content.

Adopting Emerging Commercial Technologies to Meet Classified Mobile Communications Requirements

Enabling classified communications and situational awareness can be difficult and expensive for deployed, remote, collaborative, and contingency use cases.

Following guidelines from NSA’s Commercial Solutions for Classified (CSfC) program can overcome many challenges associated with legacy systems for classified communications and can help organizations benefit from the fast pace of commercial innovation in mobile devices.

Using CSfC, organizations have options for enabling executive mobility and remote work (e.g., using laptops and smartphones), site-to-site extensions of classified networks (e.g., for remote tactical teams, branch offices, home offices, or multi-building campuses), and classified campus-area Wi-Fi networks.

This session covers how to design and deploy systems conformant to the CSfC program and illustrates specific real-world examples of systems in use today for federal enterprise and tactical use cases. This session also covers emerging technologies and solutions that address the newly updated CSfC requirements such as continuous monitoring, as well as complexity challenges inherent in these solutions.

Social Distancing Big Data; Processing and Enrichment at Scale on a Quarantined Network (NMEC)

NMEC will provide an overview of their approach and capabilities to process and enrich large volumes of data to enable effective search, discovery, and correlation across large unstructured data sets while overcoming the unique challenge of being separated from enterprise networks and tools. NMEC will also share their approach to utilizing data science capability to derive maximum value from data in order to address high priority intelligence requirements.

The Intelligence Community Joint Architecture Reference Model (IC JARM) Version 6: Reintroducing the IC Reference Architecture (ODNI)

The session will provide insight into the Intelligence Community’s IT and mission needs. Industry attendees will learn how to utilize the Joint Architecture Reference Model (JARM) to address requirements on IC elements acquisitions. IC attendees will learn how to align priorities into mission resource needs across the Doctrine, Organization, Training, Materiel, Leadership and Education, Personnel, Facilities, and Policy (DOTMLPF-P) moving down from their strategy to define capabilities and their enabling technical services. The session will demonstrate how the JARM can be utilized to make invest/divest decisions, develop IC Service Provider catalogs, and discover IC services. JARM supported capability gap analysis will also be demonstrated by using heat maps to align investment to capability and service needs. DoD attendees will learn how to define their architecture to integrate with the IC.

Strategic Human Capital Talent Management for IT Modernization (Army G2/NGIC)

The US Army National Ground Intelligence Center (NGIC) is exercising a portfolio-based approach to transition its mission capabilities to the cloud through rationalization, integration, and modernization. A key strategic focus is human capital and talent management that holistically invests in its workforce shifting from declining IT responsibilities to focus on emerging skills and disciplines such as cloud computing, data engineering and modern application development. This briefing will describe the human capital and talent management strategy and implementation plan to drive operational readiness of its IT workforce to meet the current and future demands of the NGIC mission. This will also include a demonstration of the tooling used to visualize the IT workforce’s skills and disciplines mapped to mission needs and capacity.

Orbital Warfare Training & Technology (SPACECOM)

The space domain requires analysis in four dimensions (x, y, z, t). Unlike the other warfighting domains, space planning, wargaming, and decision making must be done using tools capable of multi-dimensional visualization and simulation of near-Earth orbits (e.g., Analytical Graphics/Ansys Incorporated Systems Tool Kit, or STK). Such tools have proliferated over the last decade across a vast array of government and non-government space users. Much like the Microsoft Office 365 suite of productivity tools, or Adobe’s Acrobat/Creative Suite, Systems Tool Kit has become the modeling and simulation software of choice for those involved in the national security space arena. In the area of orbital warfare training specifically, STK is used an instructional aid to make tangible the realities of space flight, systems engineering, astrodynamics, and orbit propagation. Organizations like the US Space Force’s National Security Space Institute, US Space Command, rely on STK to perform computations and analyses to inform real-world decision making during critical moments of space launch, orbit maneuver determination, and other activities in space. In this regard, modeling and simulation technologies for the space domain have become as ubiquitous as Microsoft-type productivity software deployed on a standard desktop configuration. Therefore, STK or other software tools like it, must be treated as a productivity tool and not as a special-use case to be found in a high-performance computational center or battle lab. Licensing arrangements, deployable efficiency, and proliferation must continue to be made advantageous to the average space user.

Modernizing the NGIC Capability Portfolio towards a Data-Centric Mission Architecture (Army G2/NGIC)

The National Ground Intelligence Center (NGIC) is exercising a portfolio-based approach to transition its mission capabilities to the cloud through rationalization, integration, and modernization. A key strategic focus is the holistic transition of NGIC’s portfolio from application “data silos” to a data-centric architecture with supporting services to align to its modernization goals, increase operational efficiencies, and adapt to customer requirements. This briefing will describe the NGIC team’s target architecture, cloud-based solutions, enhanced processes, approach, and lessons learned.

MARS Interoperability Lines of Effort (DIA/MARS)

The Defense Intelligence Agency is developing the Machine-assisted Analytic Rapid-repository System (MARS) to transform the management and production of intelligence on foreign military capabilities. This briefing will provide an update on MARS’s journey to initial operating capability, status of interoperability efforts and how they enable JADC2, and plans for edge implementation of MARS.

Joint Regional Edge Nodes (JREN) (NGA)

As part of NGA’s greater multi-tier Edge Strategy, the JREN is being deployed to Combatant Commands. This highly scalable capability is designed to position significant storage, compute, transport bandwidth, and applications closer to the Tactical edge. JREN will support expanding Department of Defense, Intelligence Community and Coalition customer requirements with content specific to their area of operations, GEOINT/partner applications and high-performance compute. Design considerations include: increased resiliency in Denied, Degraded, Intermittent, Limited (DDIL) communications environments via direct satellite downlink, reduced transport latency, and the use of the NGA CORE software development method to develop, deploy, and sustain modern GEOINT software. All designed to facilitate the movement of critical intelligence and data sharing.

Deployment has started at USINDOPACOM with additional COCOMs receiving delivery in the upcoming outyears.

Inclusivity and Digital Transformation (DIA/CIO)

With more than 15% of the world’s population experiencing some form of disability, DIA understands accessibility is more than an adherence to Section 508 standards. It’s about inclusive design – developing digital solutions to meet a broad spectrum of intersectional needs, perspectives, and behaviors, rather than solely creating accommodations for specific disabilities. This presentation will describe resourceful ways DIA is expanding its IT accessibility expertise across the Enterprise and how to utilize collaborations with Industry to develop innovative solutions like a speech recognition application for its Deaf and Hard of Hearing community. This presentation will share DIA’s plan to integrate accessibility and inclusivity into its software development lifecycle rather than adding it on as an afterthought.

IC SCC: Enabling a Better IC Cyber Defense Posture (ODNI)

The IC Security Coordination Center (SCC) is the Federal Cybersecurity Center for the IC and coordinates the integrated defense of the IC Information Environment (IC IE) with IC elements, DoD, and other U.S. Government departments and agencies. Working with the other defense-oriented Federal Cyber Centers—the Joint Force Headquarters (JFHQ) Department of Defense Intranet Information Network (DoDIIN) and the Cybersecurity and Infrastructure Security Agency (CISA)—the IC SCC facilitates accelerated detection and mitigation of security threats and vulnerabilities across the IC by providing situational awareness and incident case management within the shared IT environment.

In FY ’23 the IC SCC is enabling a better IC cyber defense posture through the procurement of IC-wide enterprise licenses of commercial Cyber Threat Intelligence from multiple vendors, an Endpoint Detection and Response (EDR) pilot program for IC-wide adoption, and an enhanced patch repository for prioritizing patch management and driving down shared risk across the enterprise. Join us as we detail these initiatives and how they can help secure your environment!

IC Chief Architect Panel (ODNI)

The session will provide an opportunity to hear from Chief Architects from NRO, NSA, NGA, DHS Coast Guard, DNI, and DoD. The panel will be hosted by the Intelligence Community Chief Information Office (IC CIO), Architecture and Integration Group (AIG). The panelists will respond to questions on how they are shaping their agency’s technology roadmap and how they coordinate and drive mission integration within their element and across the IC and DoD. Attendees will gain understanding of programs and initiatives across the IC that are modernizing systems that support the intelligence lifecycle and improve integration. The panel will leave the attendees with a better understanding of the role of the Chief Architect within each represented organization.

Enabling Army Intelligence Cloud-based Data Science Capabilities at Speed and Scale (Army G2/NGIC)

At DoDIIS 2021, the Army Military Intelligence (MI) Cloud Computing Service Provider (AC2SP) briefed the mission outcomes realized by leveraging its cloud-based Data Science Environment (DSE) to rapidly respond to a mission requirement in less than two weeks from problem to solution. This briefing will build upon the prior successes and describe the AC2SP Data Science Product Line to include its core product offerings and underlying cloud services supporting Artificial Intelligence and Machine Learning (AIML) to enable multi-tenancy and respond to the variability in data science requirements across the Army Intelligence and Security Enterprise and multiple operational networks.

Does Having a Positive Work Environment Reduce The Risk For Insider Attacks? (USMC)

We hear that promoting and maintaining a healthy work environment is important. Cyber and physical security threats from trusted insiders are on the rise and there is evidence that what happens in the workplace impacts motivation for and mitigation of possible attacks. This interactive presentation introduces research and case studies to highlight the complex role the work environment and the resulting work culture play in deterring and mitigating risks that can lead to attacks that harm national security and result in loss or degradation of vital resources and capabilities. The presentation includes promising practices for those who want to improve their respective work environments and reminders for those already doing the work. The topic offers an opportunity to engage, reflect and specific examples of ways to innovate, adapt and collaborate to improve and protect work settings that are increasingly targeted by our adversaries.

DIA's AI Strategy (DIA/CIO)

Technological innovation is disrupting societies with serious implications for the era of Strategic Competition. AI is rapidly emerging as a powerful technology with the ability to illuminate tactical and strategic advantages against our competitors. Federal mandates, such as the National Security Commission on Artificial Intelligence’s mandate that all Intelligence Community (IC) and Department of Defense (DoD) entities be AI-Ready by 2025, reinforce the urgency and imperative of leveraging AI.

In response to this mandate, DIA’s Chief Technology Office (CTO) was named as the office of primary responsibility for DIA Strategy Line of Effort (LOE) 2.9 – AI Readiness, outlining how the Agency can reach AI readiness, AI competitiveness, and AI maturity. The purpose of LOE 2.9 Is to transform culture and capabilities, creating an AI ready workforce that enables DIA officers and organizations to innovate, incorporate and advance AI throughout Agency missions and processes to meet the demands of Strategic Competition and obtain data driven dominance. CTO is collaborating with partners across industry, academia, IC, DoD, and Five Eye (FVEY) to create a strategy that will ensure we meet this purpose.

Learn about the DIA AI Strategy goals and objectives and the key pillars for transforming DIA into an AI Ready organization.

DIA Data Hub (DDH) | Agency Data Platform For Secure Discoverability and Accessibility (DIA/CIO)

The DIA Data Hub’s (DDH) objective is to offer an Agency data platform that ensures easy discovery of and secure, automated access to DIA data assets. The DDH concept will modernize the DIA’s data handling, storage, and delivery by using best-of-breed technology and treating data as an enterprise-wide asset. DDH will both provide a place for new data to reside, as well as free existing data from process and technologically driven silos. By treating data as an enterprise-wide asset, it will give mission and business analysts the full range of information necessary to provide insights to stakeholders ranging from the warfighter all the way to congress. DDH’s strategy is to meet customers where they are, enabling customers to keep data and services where they need it. This capability will allow data scientists to comingle data to derive new insights, and let developers quickly build applications by leveraging DDH as their data store. When data is treated as an asset, it opens the door to new efficiencies, insights, and capabilities. By providing all DIA users the data they need, DDH creates a foundational capability that will be key to maintaining a strategic and competitive advantage over our adversaries.

Department of the Air Force (DAF) Intelligence, Surveillance, Reconnaissance (ISR) Digital Transformation (USAF)

Discussion of the transformative digital infrastructure services and platforms being matured by the Air Force Intel Community in support of ISR and broader DAF. The Air Force Intelligence Community’s Digital Infrastructure leverages IC cloud capabilities, integrating them across the enterprise, from transport to analytic tools, to provide an agile, resilient and scalable information environment at unclassified, secret and top-secret SCI levels, to enable transformation today, toward the future we need.

Defense Information Systems Network (DISN) Future (DISA)

The Transport Services Directorate Senior Technologist at the Defense Information Systems Agency (DISA) provides a strategic outlay of future enabling technologies, initiatives and capabilities that will deliver the next generation of global resilient communications capabilities to the warfighter. He will provide a strategic roadmap on the DISN core global transport evolution – from the barriers, to modernization areas, and information sharing approaches – to deliver a no-fail long haul transport architecture for DoD, Intelligence Community, US and Allied Government capabilities. Additional discussion on the need for joint mission integration to ensure the operational status of the underlying environments can be seamlessly integrated with the different domain owners, such as DIA, to assure end-to-end mission delivery and performance.

Modernizing IT Service Delivery—Accelerating Mission Outcomes through AIOps

Understanding Artificial Intelligence in IT Operations (AIOps) can be a daunting task given the various definitions of the term. IT Operations teams are seeking the advantages of Machine Learning (ML) and Artificial Intelligence (AI) to unlock better decision-making and to drive automation and self-healing to support mission essential applications. AIOps is not a single product, rather a journey where key components intersect and leverage machine intelligence and speed to drive outcomes. Join Lee Koepping from ScienceLogic as he de-constructs the essential elements of AIOps and how context driven observability and automated workflows can accelerate mission results to optimize IT service delivery.

Collaborative Command and Control – Organizing for Crisis (USAF/618 AOC)

For years, operations squadrons across the globe used whiteboards and printed crew binders to execute global missions. A handful of aircrew members teamed up with Platform One to revolutionize the way crew management and distributed operations are done using a commercial-off-the-shelf (COTS) solution hardened and hosted on government servers. We discovered a fast and secure way to pass mission data from operations centers to crew members enhancing safety and mission velocity. This collaborative command and control flow enabled the early recognition of issues allowing us to maximize crew effectiveness on the road. The team used a Small Business Innovation Research (SBIR) grant to work with Mattermost to make defense enhancements focused on Air Operations Center workflows and needs. We realized that these types of collaborative capabilities allowed us to build a shared reality outside of our silos and solve issues before they occurred. This capability was demonstrated during the Kabul evac where stage managers took full advantage of the ability to self-organize and collaborate during the Kabul evac enabling the largest Noncombatant Evacuation Operations (NEO) in U.S. history. This talk gives an in-depth look at how innovation and technology laid the ground work for success.

The Timeless Cyber Attack Vector: Evolution of DNS Cyber Attacks by APT and Innovation Methods to Mitigate the Evolving Threat (NSA)

This talk will present an overview of DNS cyber attacks over the past several years by Advanced Persistent Threats (APTs) and how the types of attacks and mitigations have evolved over time. It will discuss why DNS continues to be a commonly used vector for adversaries and how cyber defenders can innovative to strategically defend against the most sophisticated APT using complex DNS techniques for malicious activity.

AI Evolution Panel (DIA/CIO)

As strategic competitors continue to adopt AI as a disruptive technology used to advance warfighting and intelligence gathering capabilities, it is imperative that the defense community come together to develop solutions for leveraging human-machine teaming to achieve decision advantage and dominate our strategic competitors. This panel will address how the Intelligence Community (IC) and Department of Defense (DoD) utilizes AI to continue to revolutionize the way we maintain strategic and tactical advantage in an era of Strategic Competition. Attendees will hear from AI experts spearheading efforts within their agencies to adopt AI as a means to outpace our strategic competitors and ultimately prevent and decisively win wars. Agencies include: the National Security Agency, the Central Intelligence Agency, and the Chief Digital and Artificial Intelligence Office. This panel will be moderated by DIA’s Chief Technology Officer and AI Champion.

Compliance at the Speed of Innovation (USCYBERCOM)

Many compliance officers inherit the negative reputation of, “wearing the black hat,” generating fear of involving them early and often in discussing current architecture, planning new infrastructure, or establishing programs. Strategic competition requires compliance officers and programs to participate early in the planning processes to streamline development and thereby ensure a reduction in incidents. Compliance officers must pursue opportunities to evolve their reputation and work with innovation leaders in a collaborative relationship that shifts outcomes to the benefit of the community, government, foreign partners, and taxpayers.

In this environment teeming with data, it is impossible for individuals to review all information available. This increases the difficulty of ensuring effective compliance measures and unhampered sharing across the enterprise. Missed information leads to missed opportunities. Secure and compliant machine analytics can alleviate these gaps by automating production cycles in circumstances where specific, templated parameters exist.

Engineering teams struggle to, “keep the lights on,” while updating architecture, ingesting more data, and attempting to plan for the future. On top of this mountain, it is also necessary to secure the enterprise, secure the network, and manage all of the data without running into oversight issues. Collaboratively seeking to overcome these hurdles and roadblocks while providing customers with the best services and products will benefit every program manager and leader in the defense enterprise. Analyzing and correcting pitfalls will ensure that future warfighters, leaders, and policymakers have the actionable information needed while reducing the number of incidents and/or loss of capabilities or information.

CIO Senior Representatives: At the Nexus of Service Delivery and Global Decision Advantage (DIA/CIO)

Learn how CIO caters to the needs of the Defense Enterprise customers. The Defense Intelligence Agency (DIA) Chief Information Office (CIO) Senior Representatives (CSR) are “the CIO – Forward Element” deployed around the world. These senior DIA civilian officers are CIO’s IT regional commanders deployed throughout your theater to serve federal government agencies, Department of Defense (DoD), Intelligence Community (IC), and International Partners. CIO delegated authority to the CSRs to engage with customers and partners on the integrated and comprehensive mix of CIO IT functions, to include governance, operations, and cyber defense activities. The IT infrastructure requirements of DoD, IC, and larger Federal government are uniquely complex and crucial to national interests and security, and require a holistic approach to effectively understand and fulfill customer requirements. CSRs are postured by authority and responsibility to provide CIO’s full catalog of IT capabilities and services to each supported mission. In so doing, the CSRs lead a lean process of functional handoffs and decision points. As capabilities and services move up the development chain toward delivery, service delivery is designed to simplify as it approaches customer touchpoints. The integrated CSR model regionalizes functional support under one strategic umbrella and puts the full CIO enterprise capabilities at the core of the customers mission space.

Advanced Technology Academic Research Center (ATARC) Supply Chain Risk Management (SCRM) Working Group Publishes First Ever Crosswalk (NASA)

In collaboration with The Open Group, NASA SEWP (Solutions for Enterprise-Wide Procurement) helped develop the first International Organization for Standards (ISO)standards dedicated to SCRM. As a member of the government acquisition community serving federal technology buyers, the program brought together a team of SCRM Subject Matter Experts to help provide clarity to some of what many find very confusing, and to identify actionable efforts that agency personnel can take today into account for SCRM within their processes, workflows, and requirements.

Adapting Data Science Solutions for Strategic Competition (DIA/CIO)

Data, Data Science, Machine Learning, and Artificial Intelligence capabilities are key to equipping the Defense Intelligence Enterprise for Strategic Competition. It is essential DIA has a data science environment that is adaptable to new and emerging needs with modern tools that can be used for a multitude of data science use cases. DIA CIO is collaborating with multiple partners to deploy a Self-Provisioning Data Analytics Environment (SPDAE) utilizing existing GOTS products to deliver capabilities. This environment will optimize the use of containerization to easily adapt the environment with new GOTs or COTs tools. SPDAE will establish processes to move data science capabilities and products through Development and Test, to quickly transition to production. SPDAE will deliver an easy-to-use environment for analysts, engineers, and data scientists increasing productivity by eliminating hours spent installing and configuring applications in the cloud. It will also decrease costs associated with developing and maintaining multiple environments and enable the use of PII and other caveated data, thereby fostering secure data driven decisions.

The IC Data Strategy: Unlocking Mission Value & Insight (ODNI)

The IC Data Strategy positions the IC in a “future ready” stance with the ability to respond to evolving needs, threats, and challenges. The IC Data Strategy aligns with other IC and Federal data strategies, and draws on recent progress to galvanize continual improvements in the discovery of IC’s data, expand data sharing and safeguarding, increase the speed of intelligence delivery, and improve tracking of data assets and needs. By implementing the strategy across the community, and in coordination with our partners, we can further advance discovery, access, and use of data at mission speed to meet our missions and maintain decision advantage.

Quantum Panel (DIA/CIO)

As an emerging and disruptive technology, quantum computing is increasingly important to national security as the Defense Intelligence Agency focuses on Strategic Competition. The quantum panel includes perspectives from industry, Intelligence Community, and research and development quantum experts with a focus on quantum safe encryption, applications of quantum computing, major players in the quantum realm, and how we can collaborate to enhance quantum technology to meet the demands of Strategic Competition. Panelists will include subject matter experts from the National Security Agency, MITRE, and In-Q-Tel. This panel will be moderated by DIA’s Chief Technology Officer, Mr. Ramesh Menon.

Introduction to DIA for Small Business (DIA/CFO)

Intro to DIA provides small businesses information on interacting with DIA, an overview of DIA’s small business goals, programs such as 8(a) and Mentor Protégé, where to find opportunities, and upcoming conferences or events.

IC Maturity Model (ODNI)

IC Information Technology (IT) Accessibility Community of Interest (COI) developed a maturity model to assess and improve IT accessibility programs across the IC. This model was designed to help the Director of National Intelligence (DNI), IC CIO and IC elements determine effectiveness of their current IT accessibility programs, as well as to identify gaps and help develop capabilities that are needed to improve future performance.

The COI used this model to assess and compare key areas of IT accessibility programs across IC elements. The analysis and insights from this assessment were presented to IC senior leadership to foster awareness of the challenges and help implement best practices for IT accessibility within the IC. Program maturity levels can be used to define progress or process development for a new or established program. The IC IT Accessibility COI identified five levels to indicate the maturity for an IT Accessibility program organized within an IC agency/element. IC CIO will be presenting the model at the conference.

An assessment of the maturity of IC IT accessibility programs will enable the IC CIO to strengthen the IC workforce by ensuring accessibility for all employees. In turn, this assessment will further promote diversity, equity, inclusion, and accessibility (DEIA) as described in Executive Order 14035 and IC compliance with standards from Section 508 of the Rehabilitation Act of 1973, as amended.

DIA’s Vision for Desktop of the Future (DIA/CIO)

This session will discuss DIA’s preliminary vision for the desktop of the future to include IT peripherals, wireless, multi-domain access with enhanced security filters, and asking for industry recommendations to enhance the user experience.

Upgrading to Next Generation Intelligence

With the explosion in data collection and sophistication in the past twenty years, Intelligence Units are increasingly struggling to utilize desktop applications that are poorly suited to deal with data at scale and from multiple, disparate sources. Even worse, many will attempt to use one tool to drive all their analyses but not every tool is architected for every type of data. These approaches can lead to a hodgepodge of intelligence silos, tools, and practices that make it difficult for those without extensive technical knowledge to navigate their data. To address these problems and make analysis quicker and easier, many departments are turning to creating data warehouses or data lakes, only to be frustrated with the eventual result.

This presentation seeks to provide a path forward to any intelligence unit that is struggling with data volume, disparate data, dirty data, slow analyses or standing up an analytical unit from scratch. We will discuss three key topics in transitioning to a current best practices intelligence platform. These topics include transitioning from desktop to enterprise, from Bi analytics to network analytics and from relational databases to integrated graph databases. This presentation seeks to be accessible for all levels of technical capability, but is designed for those seeking a way to improve their current intelligence practices.

A Need for Speed, Accelerating Autonomous Systems for a Military Advantage

In an increasingly data-heavy multi-domain battlespace, the operational needs of today’s warfighter have become more critical. This means accessing best-in-class technologies to feed that need for speed during mission-critical events to rapidly move enormous volumes of data to where it is needed for AI/ML processing, storing, and decision-making. Join us as we discuss the keys to deliver advanced new tactical capabilities.

Torch (DIA/CIO)

To provide an update on Torch and CIO’s accomplishments integrating Second Party Integree (2PI) partners.

Baseline Service Central – Enabling Collaboration through Smart Business Process Automation (DIA/CIO)

The Baseline Service Central initiative reset the platform to baseline configuration, creating a sustainable platform with minimal technical debt. Join us as we share our journey and show you how rationalizing applications put us on the path to save millions of dollars for our stakeholders and freed their Officers to concentrate on important intelligence work instead of managing manual processes.

Army Intelligence CIO Lessons Learned on Army Intelligence Cloud Migration (Army G2/NGIC)

The Army Intelligence and Security Enterprise (AISE) continues to execute on the strategic lines of effort within its Information Management and Information Technology (IM/IT) Strategy. Strategic intent is translated into implementation and reality often requires concerted efforts to push through inertia, tackle obstacles, and manage risk to holistically drive organizational change. This briefing from the Army Intelligence CIO will provide his perspective on the progress by the AISE towards the strategic goals to modernize its Information Technology and Information Management portfolio. He will provide his lessons learned and priorities for its future given the continually evolving operating environment.

Accelerating Army Intelligence Mission System Capability Migration to the Cloud (Army G2/NGIC)

In FY22, the Army Intelligence and Security (AISE) Enterprise was faced with a critical decision. Faced with potential failure of acquisition and operational fielding requirements, do they continue on the current path of fielding a critical mission system to an on-premises datacenter on multiple operational networks or look for an alternative solution? Despite resourcing and organizational investments in the on-premises plan, the leadership made the swift decision to redirect the mission capability to the cloud. This briefing will describe the seven-month journey to accelerate the mission capability onboarding into the cloud across multiple networks, the cloud enterprise foundation that enabled the swift transition, the lessons learned gained by the AISE and capability stakeholders, and the evidence of its security posture resulting in Department of Defense (DoD) level recognition.

DIA's Baseline Service Central

Date: Wednesday, December 8
Time: 1315-1415
Location: Room 225
Speaker: Christopher Folchi, DIA

Session Description:
The new Chief Information Officer announced CIO Reshape as the next iteration of aligning the organization to drive customer centricity and optimize services, enabling customer mission success. One of CIO’s lines of effort to achieve these outcomes is a Service Central (SC) review to optimize it as a primary customer service requirements interface. A three-month study into the CIO requirements process identified SC as an improvement opportunity. In 2018, the Chief Information Office (CIO) implemented Service Central (SC) as a replacement for an aging ticket management system. Since adoption, SC has grown from an IT Service Management (ITSM) tool to a corporate service platform that serves a wide variety of IT, facility, logistics, administrative, and human resource functions. However, SC growth and adoption by other stakeholders was faster than expected. Attendees will gain an understanding of CIO’s effort to reset SC to baseline configuration with emphasis on customer experience, aligning the organization to industry standard workflows and processes, and strengthening SC data holdings to provide holistic visibility over the health of CIO’s networks.

What Can CIO Infrastructure Labs Do for You?

Date: Wednesday, December 8
Time: 1115-1215
Location: Room 221
Speaker: Carl “Justin” Key, DIA

Session Description:
CIO operates and manages multiple laboratory environments to facilitate the projects of solutions engineers. This is a capability that not enough people know about in CIO, DIA, or the IC in general. The labs that CIO operate include both a sandbox environment and implementation/integration environments. In building a digital eco-system, it’s critical that engineers have a way to test the latest products, solutions, and innovations in a way that protects the production networks from unforeseen issues. And that is exactly what CIO Lab Services provides. This presentation will explain what the current capabilities are in CIO Lab Services, what our future capabilities will be, share some success stories and what Lab Services can do to add your project to that list of success stories.

Enterprise Application Load Balancing Key Considerations for US Federal Agencies

Date: Tuesday, December 7
Time: 1600-1700
Location: Room 226
Speaker: Michael Bomba, Kemp Technologies

Session Description:
Mission accomplishment by US federal agencies depends on the performance, availability, and security of IT applications. The primary technology deployed to meet these requirements is called an application delivery controller (ADC) more commonly known as a load balancer. There are several key issues to consider when comparing top load balancer manufacturers for federal government use and ownership strategy that can significantly impact Total Cost of Ownership (TCO) and Return on Investment (ROI).

Data-Centric Security

Date: Tuesday, December 7
Time: 1315 – 1410
Location: Room 224
Speakers: Craig Gladu, DIA; Alex Harvey, DIA

Session Description:
The current data portfolio within DIA is stove-piped across disparate locations making discovery and wrangling of data sets, resource intensive. This brief will focus on DIA’s shift to data-centricity for mission, business, and IT operations data sets. It will discuss the security expectations of Data Services related to the DoDIIS modernization, as the Enterprise shifts to its Zero Trust Architecture to enable trusted data movement throughout the Enterprise.

Contracting and Program Overview of the SITE III (Solutions for the Information Technology Enterprise) Contract

Date: Wednesday, December 8
Time: 1315-1415
Location: Exhibit Hall, Mountain Theater
Speakers: Esther Woods, DIA; Kimberly Posey, DIA; Mishelle Miller, DIA; John Pistolessi, DIA

Session Description:
This session will provide the Contracting Officer’s overview and discussion of the SITE III Contract, as well as provide an opportunity for industry to interact with the lead Contracting Officers who support the DIA CIO. Industry will have a chance to ask questions about upcoming procurements.

DoD Data Strategy and MARS, Embracing Open Data Architecture

Date: Wednesday, December 8
Time: 1315-1415
Location: Room 227
Speakers: Maj Wilfred Noel, DIA; Sayeed Mahmud, DIA

Session Description:
The Machine-assisted Analytic Rapid-repository System (MARS) is a critical tool to enable the Defense Intelligence Enterprise (DIE) to maintain a competitive strategic advantage over our adversaries. Since the mid-1990s, the DIE has stored foundational military intelligence (FMI) in numerous databases, most notably the Modernized Integrated Database (MIDB). FMI supports every aspect of global military operations, including acquisitions, combat operations, and joint force planning. MIDB’s architecture cannot handle the volume of data required for today’s military operations. In 2018, the Defense Intelligence Agency (DIA) launched the MARS Program to build a new, data-driven architecture to transform how consumers access FMI. DoD released its Data Strategy in Fall of 2020, with a vision of a data-centric organization that uses data at speed and scale for operational advantage and increased efficiency. The strategy clearly recognizes the need for open data standards and architecture to achieve this vision. MARS’s approach to data and architecture aligns to the DoD strategy and will provide FMI support to joint all domain operations and decision makers. MARS currently pulls data from multiple DIE repositories. The MARS architecture is scalable and will allow for the incorporation of additional data feeds. It also will enable the distribution of data from MARS to other systems. As the transition from MIDB to MARS progresses, one of the biggest challenges is ensuring interoperability with the various DIE systems, each with its own architecture and data governance. This presentation will explore that challenge and what the MARS Program is doing to address it.

Zero Trust but Verify

Date: Wednesday, December 8
Time: 1315-1415
Location: Room 228
Speaker: Scot Wilson, Forward Networks

Session Description:
Agencies are tasked with implementing zero-trust across complex networks that include legacy equipment. Establishing a single source of truth that delivers full visibility into network behavior, all possible traffic paths, topology, and searchable configuration and state information for all devices is critical to achieving the mission. Attend this session to learn how continually validating that network behavior adheres to security policy makes it possible to implement and prove zero trust.

The Defense Intelligence Enterprise (DIE) Common Data Fabric - Overview

Date: Wednesday, December 8
Time: 1315-1415
Location: Room 221
Speaker: LTC Stacy Graham, DIA

Session Description:
The Common Data Fabric (CDF) is a 100% commercial solution. CDF is a USD(I&S) sponsored, directed and funded capability currently being implemented and deployed across the Defense Intelligence Information Enterprise (DI2E) by the DIA for all DoD. The CDF provides a ‘machine-to-machine’ data brokering capability for the Intelligence Community (IC) by taking data providers’ data with policy along with the data consumers’ machine policy (using Authority to Operate (ATO) Risk Management Framework (RMF) information) into the CDF baseline architecture where data brokering decisions are made at the speed of relevance. The CDF provides value to data owners because it allows them to share their data with all DoD through a single ATO’d connection and eliminates the need to manage multiple ATO’d connections. Likewise, for data consumers, CDF eliminates the need to maintain multiple connections and ATO boundary changes. The USD(I&S) directed the DIA CDF implementation effort begin with the Distributed Common Ground System (DCGS) family of systems. The CDF is operating on NIPR (T&E), and SIPR (w/ATO) and plans to have an SCI instance around Sept. 2021

Protecting Critical Communication and Collaboration in Highly Contested Environments

Date: Wednesday, December 8
Time: 1315-1415
Location: Room 222
Speaker: David Pearah, Spideroak Mission Systems

Session Description:
Secure multi-theatre communication and collaboration are key enablers to defense and intelligence mission success worldwide. Our ability to safely secure land, air, sea, and more and more “space” communication and control is vital to our national security and protecting people and assets in any field of operation. Secure comms in these environments means safely operating over ad hoc, indigenous, commercial, and often untrusted network infrastructure that is not always under our control despite intermittent, low bandwidth, and resource-constrained use-cases. Our adversaries know this and are dedicated to exploiting human and technological vulnerabilities to infiltrate, exfiltrate, disrupt and exploit this flow of information. Robust network defense tools and approaches exist – and are rightfully employed. Unfortunately, traditional network-centric protection is not suited to such contested environments and creates attack vectors limiting the ability to federate data and enable decision-making. Popular “Business First” COTS offerings have been tried but lack the requisite security focus required to protect the confidentiality and integrity of the mission-vital information being exchanged. SpiderOak Mission Systems is pleased to invite you to this important breakout session where Spideroak CEO David Pearah will discuss looming threats to mission communication and collaboration systems, the consequences of failure, and how new categories of “Security-First” software leveraging Zero-Trust/No-Knowledge encryption, distributed ledger technology, and novel key management systems protect data from the tactical-to-strategic in these contested environments – agnostic to the transport modality, network, and infrastructure viability.

Surfacing & Mitigating Attackers with Neural Networks

Date: Wednesday, December 8
Time: 1315-1415
Location: Room 224
Speaker: Tim Wade, Vectra AI

Session Description:
What do APTs, Ransomware, and Supply-chain breaches all have in common? They’re top of mind for both the strategic decision makers and tactical operators charged with defending our nation’s most critical missions. Unfortunately, with respect to these threats, traditional cybersecurity tools and methods continue to fail to deliver the modern resilience necessary to confidently support the ongoing mission of the warfighter. Fortunately, the successful use of AI and data science has proven to be one of the most significant advancements to address these shortcomings and offers an opportunity to reshape our nation’s cybersecurity architecture. This briefing will dive into the AI and data-science methods necessary to regain the initiative and turn the tables on modern threats to assert cyber-domain dominance. Tim Wade, Technical Director & Landen Brown, NSS Senior Security Architect w/ Vectra AI will calibrate the audience on how to strategically integrate and operationalize AI cyber-capabilities, breaking down key considerations of assessing AI cyber-efficacy, and how to identify which approaches provide the greatest yields.

ADO and DPaas: DIA Platform Migration as a Reference Architecture

Date: Wednesday, December 8
Time: 1115-1215
Location: Room 225
Speakers: Johnathan Abolins, DIA; Stephen Snow, DIA

Session Description:
The use of container solutions and service mesh’s is becoming industry standard in the private sector. DIA has elected to adopt this methodology for our reference IT architecture, called DPaaS. DIA is using DPaaS to provide greater flexibility, enhance security, and expand data storage by beginning this transformation. The Analytic Development Office has championed this approach, and even has a segment of the new structure that is set aside for its analytic support applications. This provides for the decentralized mobility that is necessary to create new applications that meet specific organizational requirements while at the same time providing a coherent and to a more federated standard approach to DIA systems administration. We will present the initial migration efforts, the migration challenges, the lessons learned, the current enhancements, and our anticipated benefits and execution timelines.

Maximizing the Value and Integrity of your Data Holdings

Date: Wednesday, December 8
Time: 1115-1215
Location: Room 228
Speakers: Dr. Michele Gable, DIA; Ajay Kodali, DIA

Session Description:
This session will provide practical recommendations for asking the critical questions about the data that is presented, and gives examples of DIA CDO’s techniques for enhancing the discovery, protection and sharing of information in order to maximize the value and integrity of Agency data holdings.

Data forms the building blocks of all digital ecosystems. This presentation highlights the importance of good data hygiene, from data inception, where proper identification, labeling and data provenance is associated with the data set, to data analysis, where the receiver must critically question the data to ensure that issues, such as bias, aggregation and context do not skew the conclusions.

For both the consumer and the collector, it is essential to understand the purpose of a particular data set, the context of its acquisition, and its components. Many statistics and data visualizations obscure these key attributes, leading to inaccurate decisions based on missing or misleading data points. This session will provide impactful practices for both consumers and managers of data.

Defend Against the New Norm

Date: Wednesday, December 8
Time: 1115-1215
Location: Room 229
Speaker: Satya Gupta, Virsec

Session Description:
Sophisticated software cyberattacks are the norm with runtime and memory-based attacks proving near impossible to protect against with traditional solutions. Couple this with the complexity within every DoD organization—legacy, GOTS, cloud, or hybrid environments. Determined adversaries have found this exposure and are successfully exploiting these vulnerabilities. The key? Defenders must fully understand their software to fully protect it. Learn more about absolute threat interdiction and how to protect software as it’s running. Virsec Security Platform maintains true runtime protection of enterprise applications by ensuring attacker provided “data” cannot turn into “malicious code,” thereby enabling Virsec to disrupt attackers’ kill chains in microseconds. Rather than detecting malicious activity after it takes place, Virsec works to secure software whenever and whenever it runs. DoD recently concluded a Hackathon with 218 red team hackers attacked Virsec using nearly 15,000 different types of exploits, zero-days and remote code execution. None of the intrusion attempts were successful in defeating Virsec’s capability.

The Future of JWICS

Date: Wednesday, December 8
Time: 1115-1215
Location: Room 227
Speakers: Katie Lipps, DIA; Jojo Leasiolagi, DIA; Elcie Dinch-McKnight, DIA

Session Description:
In this session we will discuss technologies and high-level concepts that are shaping our future JWICS architecture and the timing to deliver. Come join us to learn how you might partner with us on this journey.

Developing the Employee's Experience

Date: Wednesday, December 8
Time: 1115-1215
Location: Room 226
Speaker: Terri Peebles-Hunt, DIA; Leslie Bennett, DIA

Session Description:
In this breakout, “Employee-Centric Workplace” we will explore CIO’s evolution of the employee experience, where we’re headed and how we will know when we get there.

Zero Trust Architectures for the Information Communication Industry

Date: Wednesday, December 8
Time: 1115-1215
Location: Room 224
Speaker: Ken Davis, Pexip

Session Description:
Data networks have long been designed to keep “bad guys” out while allowing “good guys” in, yet stories continue about data leaks, credential hijacking, ransomware, or worse. Organizations are increasingly unaware of who is using their systems and where their data is flowing. Network administrators, vendors, and IT managers are constantly putting out fires, just as new threats emerge. How can you get ahead of the game, much less win? We will discuss how Zero-Trust (ZT) architectures answer this question by envisioning networks as a series of data policy rules and decision gates, rather than a combination of components and traffic zones. We will share examples of leading commercial and government enterprises that are harnessing the power of AI and Software-Defined Networks (SDNs) to create networks that act as applications, and we will illustrate how network and A/V system sensors and behavioral analytic tools combine to create a continuously adaptive trust score for each user. Finally, we will describe how core ZT principles resonate with traditional A/V, UC, and IoT system control workflows, and we will propose an integrated trustless framework for the communications industry that aligns with the NIST SP 800-207 ZT reference architecture.

U2 Federal Lab-Reducing the Kill Chain by Deploying Applications and Kubernetes onto the U2 Dragon Lady

Date: Wednesday, December 8
Time: 1115-1215
Location: Room 222
Speaker: Maj. Ray Tierney, USAF

Session Description:
The U2 Federal Lab working with a small Consortium of Companies has developed a tactical edge GOTS software package (AVERA+) that has been deployed to the U2 Dragon Lady while in flight 6 times over a 9-month period. This deployment aims to prove that deploying software onto legacy/current and future platforms can reduce the kill chain, provide quicker acquisition cycles, and provide mission attainment in a more meaningful way.

DoDIIS Modernization

Date: Tuesday, December 7
Time: 1500-1700
Location: Room 224
Speakers: Jay Phipps, DIA; Alexander Harvey, DIA; Matt Hodges, DIA

Session Description:
Along with the DoD, the IC, and the larger Federal Government, DIA is pursuing a journey to transition towards a Zero Trust Architecture. The DoDIIS Modernization Program is leading the way on that journey, focusing on the modernization of the DIA Local Area Network (LAN) and provisioned Information Technology services (e.g. infrastructure, applications, data services, etc.) that significantly improve mission and strengthen the cyber security posture across all classification enclaves. This brief will focus on how DoDIIS Modernization is designing a simpler and more secure IT architecture that does not impede operations or compromise security. This paradigm shift will allow DIA to innovate to simplify the way that we operate, while providing the optimization and security that mission demands. DIA is looking to connect with industry while pursuing our journey towards a Zero Trust Architecture, and this brief is intended to help frame those conversations for future growth and transformation.

Gamification of Operational Technology Cybersecurity Training Environments

Date: Tuesday, December 7
Time: 1600-1700
Location: Room 225
Speakers: Christopher Miranda, CACI; Scott Thompson, CACI

Session Description:
Gamification of traditional DoD training environments is not a new concept. Gamification has increased training audience engagement, performance, and satisfaction throughout the DoD by applying game mechanics to self-paced, individual training events. However, the application of the approach to complex cybersecurity systems and networks has proven more difficult, as cybersecurity concepts can be complex, abstract, and in some cases esoteric. Cybersecurity games depend heavily on automated attacks, which are simple in the case of “script kiddie” attacks, but much more challenging in the case of sophisticated cybersecurity attacks. Securing the Operational Technology (OT) that runs our nation’s critical infrastructure, including power, water, fuel, and manufacturing systems has become not just a best practice but increasingly critical to national security and a strong economy. Throughout the COVID-19 pandemic, self-training in OT cybersecurity has increased in importance, and gamification has been needed to increase the effectiveness of that training. Unlike traditional IT cybersecurity, the physical systems that are controlled by OT are very easy to visualize in game engines such as Unity and Unreal. By combining gamification concepts with modern game engines, OT is brought to life before the trainee’s eyes. The consequences of poor cybersecurity can be dramatically displayed, to include the system-wide effects of cyberattacks and the effects of attacked systems on other dependent systems. The presenters take a unique approach to extending gamification techniques to operational technology training environments to enhance the skillsets of DoD network defenders.

Army Intel IT Governance - Balancing Risk Management and Mission Effectiveness

Date: Tuesday, December 7
Time: 1600-1700
Location: Room 228
Speaker: Art Gregory, Army

Session Description:
Army Military Intelligence (MI) has established an Information Technology governance model to enable technology insertion and modernization while balancing and understanding the enterprise risk management posture. As Army MI moves towards its multi-domain DevSecOps implementation, scalable IT governance will align risk management with prioritization of digital modernization efforts. This briefing will describe the current state of Army MI IT governance, future plans, and how this ecosystem postures Army MI to target its IT investments to support its critical mission and customers.

Modernizing DIA's Data Science Ecosystem

Date: Tuesday, December 7
Time: 1600-1700
Location: Room 226
Speaker: Katie Neset, DIA

Session Description:
DIA is committed to equipping the workforce with the tools and processes needed to achieve mission success within a Digital Ecosystem that fosters collaboration and a culture of innovation. To advance DIA’s use of Data Science, it is essential that Officers have access to a secure environment, equipped with the right tools for their data science use cases. Data Engineering is collaborating with multiple partners to deploy a Self-Provisioning Data Analytics Environment (SPDAE) utilizing existing GOTS and FOSS products to deliver capabilities. The environment will also provide the underlying infrastructure and cyber processes. SPDAE will partner with Cyber and DevOps to move data products through the development pipelines and into production. Finally, SPDAE will integrate with other enterprise offerings to catalog data products and publicize their capabilities to satisfy the data science needs of mission and business systems.

AI Hits the Data Wall

Date: Tuesday, December 7
Time: 1500-1555
Location: Room 226
Speakers: Gus Hunt, VAST Federal; James Dean, VAST Federal

Session Description:
Over the next decade, AI algorithms will be responsible for introducing new applications and services within environments while also infusing legacy applications with new insight and automation. The Cambrian explosion of AI processors is now being rivaled by an even larger explosion in the amount and sources of data that organizations must continually mine in order to refactor and refine next-generation AI models. To accomplish this, a new data access paradigm must be established.

Securing DoD Enterprise Innovation with ICAM

Date: Tuesday, December 7
Time: 1500-1555
Location: Room 226
Speaker: Josh Brodbent, Beyond Trust

Session Description:
Agency modernization, expanding cloud deployments, and distributed workforces create new planes of privilege for adversaries to exploit. When designing the future state of The Defense Department’s complex enterprise network, a least-privilege approach is critical to keep pace with adversaries and lower your attack surface. With users and devices now accessing critical information, systems, and applications from anywhere, the mindset must be to never trust, always verify, and only allow privileged access when needed or contextual parameters are met. Join BeyondTrust to understand:
– Why Privileged Access Management (PAM) is integral to secure the adoption of initiatives like ICAM
– How Zero Trust, ICAM, and Enterprise Network Modernization correlate
– The Defense Department’s outlook on Enterprise Network Modernization
– The path to secure modernization using Least Privilege

Lessons Learned of NSA's 2PO Integration, and DIA and NSA's Collaboration

Date: Tuesday, December 7
Time: 1500-1555
Location: Room 228
Speaker: La’Nala Jones, NSA

Defense Intelligence Cloud Architecture Convergence and Community Edge Node

Date: Tuesday, December 7
Time: 1500-1555
Location: Room 226
Speaker: David Crow, OSD

Session Description:
Several years ago, the Defense Intelligence Information Enterprise (DI2E) DevTools Pilot was undertaken to establish a software development environment to promote technology innovation through a DevOps software delivery lifecycle. The objective was to promote enterprise-level software development while the community grew expertise and matured organic capabilities. After evaluating current software development environments and capabilities across the community, OUSD(I&S) made an educated decision during the FY23 Program Objective Memorandum to eliminate duplication of effort and smoothly transition UNCLASSIFIED and SIPR DI2E DevTool users to more secure and readily available DevSecOps environments.

Imperative for Change; Building an Accessible Digital Ecosystem

Date: Tuesday, December 7
Time: 1500-1555
Location: Room 225
Moderator: Matt Conner, DIA; Panelists: Gulia Curcelli, DIA; Fadi Abu-Shaaban, DIA; Deborah Kircher, DIA; Shannon Paschel, DIA

Session Description:
The Defense Intelligence Agency is building an accessible digital ecosystem both internally and on behalf of the Intelligence Community. This panel discussion will address the Director of National Intelligence (DNI) efforts to improve diversity and inclusion. We need your help in enhancing value and inclusivity by optimizing access. Come hear how.

Low-to-High Pipeline

Date: Tuesday, December 7
Time: 1500-1555
Location: Room 222
Speaker: Brian Landry, Amazon

Session Description:
A Low-to-High Development Pipeline (L2H Pipeline) enables development in (unrestricted) Standard and GovCloud Regions and deployment in restricted AWS Regions using a secure, automated, scalable process to “build low, deploy high.” The L2H Pipeline scans, packages, and transfers payloads (objects, repositories, and container images) with automated approval steps (and can be augmented with manual approval steps). It can additionally enforce quality checks on payloads. Receipt of the payloads on the high side can automatically invoke high side deployment and test processes. The L2H Pipeline enables customers to push frequent, iterative commits of their low side code to their high side environment.

Low-to-High Pipeline

Date: Tuesday, December 7
Time: 1500-1555
Location: Room 221
Speaker: Brian Landry, Amazon

Session Description:
A Low-to-High Development Pipeline (L2H Pipeline) enables development in (unrestricted) Standard and GovCloud Regions and deployment in restricted AWS Regions using a secure, automated, scalable process to “build low, deploy high.” The L2H Pipeline scans, packages, and transfers payloads (objects, repositories, and container images) with automated approval steps (and can be augmented with manual approval steps). It can additionally enforce quality checks on payloads. Receipt of the payloads on the high side can automatically invoke high side deployment and test processes. The L2H Pipeline enables customers to push frequent, iterative commits of their low side code to their high side environment.

IC Security Coordination Center

Date: Tuesday, December 7
Time: 1500-1555
Location: Room 221
Speaker: Cheri Benedict, ODNI

Session Description:
The IC SCC is the Federal Cybersecurity Center for the IC and coordinates the integrated defense of the IC Information Technology Environment (ITE) and the IC Information Environment (IC IE) with IC elements, DoD, and other U.S. Government departments and agencies. Working with the other defense-oriented Federal Cyber Centers—the Joint Force Headquarters (JFHQ) Department of Defense Intranet Information Network (DoDIIN) and the Cybersecurity and Infrastructure Security Agency (CISA)—the IC SCC facilitates accelerated detection and mitigation of security threats and vulnerabilities across the IC by providing situational awareness and incident case management within the shared IT environment. Additionally, the IC SCC monitors and coordinates the integrated defense of the greater IC IE. These capabilities support the security protections necessary to defend against threats to the IC and coordinate operational responses across the Federal Government.

Azure for National Security

Date: Tuesday, December 7
Time: 1315 – 1410
Location: Room 228
Speakers: Schatem Boyd, Microsoft; Stuart Kehr, Microsoft

Session Description:
This session will be targeted at Decision Makers and will educate attendees on Azure Government, Azure Government Secret and Azure Government Top Secret on key tools and services that help government leaders accelerate achievement of mission accomplishments by leveraging the cloud. This will include: Big picture on how the organizations can implement a secure and compliant cloud, how Azure will improve current security posture will reduce capital and operational expenditures, continuing to save money in the long run.

Project Herald

Date: Tuesday, December 7
Time: 1315 – 1410
Location: Room 227
Speaker: Leslie Beavers, OUSDI

Session Description:
OUSD(I&S) Intelligence, Surveillance and Reconnaissance Enterprise Capabilities (ISREC) Directorate provides oversight for NIP/MIP programs and provides guidance to DI2E programs on modernization. Last year, ISREC published the ISR Architecture Convergence Study to help inform Defense-level, Planning, Budgeting and Execution of the future modern enterprise. The study emphasized enterprise-level services of common concern that will comprise the Defense Intelligence Digital Foundation and free the Military Departments from responsibility to deliver end-to-end solutions, allowing them to focus on specific value-added capabilities, such as exquisite sensing, software applications, mission-unique workflows, and advanced algorithms. Defense Intelligence Digital Transformation Campaign Plan (currently in coordination) aims to put the study recommendations into action and serves as USD(I&S)’s plan for implementation of the Defense Intelligence Strategy.

Mission Outcomes Employing the Army Intelligence Cloud Data Science Environment (DSE)

Date: Tuesday, December 7
Time: 1315 – 1410
Location: Room 229
Speakers: Matt Thompson, Army; Gabriele “Gabe” Chiuli, Army

Session Description:
In early 2021, the Army Military Intelligence (MI) Cloud Computing Service Provider (AC2SP) released its cloud-based Data Science Environment (DSE) on multiple security domains supported by new policy from the HQDA G2 that streamlined usage of AIML cloud services and development of data science models in the DSE. In late 2021, the DSE service offering was put to the test by a quick reaction, cross-functional team in support of real-world operations. This briefing will describe the DSE service offering to include the cloud architecture, the tiered Risk Management Framework (RMF) shared security model, and enabling Army Intel IT policies. It will conclude with the mission outcomes enabled by cloud-based AIML managed services and the team’s lessons learned.

Zero Trust: Beyond the Buzzword

Date: Tuesday, December 7
Time: 1315 – 1410
Location: Room 226
Speaker: Kevin Goode, Thales Trusted Cyber Technologies

Session Description:
Zero Trust is not just another buzzword in a never-ending list of tech trends. The principles of zero trust eliminates the binary trust/don’t trust approach applied to users and assets in yesterday’s on-premise, perimeter-centric environments. According to a recent survey, 100% of U.S. Federal Government agencies are storing sensitive data in third-party cloud, mobile, social, big data and IoT platforms, which inherently makes data vulnerable. Traditional perimeter protection does not protect off-premise data, which speaks to the need to take a zero trust approach to data security. Attend this session discussion to learn about the best practices for implementing a zero trust architecture to protect your most sensitive data despite the dissolving perimeter. The speaker will discuss the top 6 things you need to know about zero trust:
1. The basics. What is zero trust and how does it apply to data security?
2. Setting the stage. How digital transformation can make data vulnerable but also more secure.
3. Getting to work. Tips for putting zero trust architecture into action.
4. What about the cloud? How does cloud make implementing zero trust faster but more complicated.
5. Pulling it all together. How to develop a long term strategy to protect data throughout its lifecycle.
6. Best Practices for Implementing the White House Executive Order on Improving the Nation’s Cybersecurity Infrastructure.

DoDIIS FVEY Way Forward

Date: Tuesday, December 7
Time: 1315 – 1410
Location: Room 225
Speaker: Heather Scarpato, DIA

Session Description:
The Defense Intelligence Agency’s (DIA) Chief Information Office is putting out a call for industry support to find a solution for seamless collaboration in a single active directory environment between DIA, National Geospatial Agency (NGA), and the nation’s Five Eyes (FVEY) partners. Topics of interest include email, collaboration tools, document sharing, and web browsing in a traditionally United States-only space.

Cyber Security Collaboration and the Fusion of Multi-Discipline Intelligence: Omni-Domain Pivoting

Date: Tuesday, December 7
Time: 1315 – 1410
Location: Room 222
Speaker: Andrew Alexander, NSA

Session Description:
Words are important. Language is important, especially with a vernacular that is incomplete and, on the grander scale, juvenile. The fact that the language of cyber fits this bill is likely not a major revelation to our esteemed colleagues within this community. Furthermore, cyber experts and data from multiple cyber disciplines without context and lexicon does not lead to timely and relevant mission outcomes for NSA, DoD, the IC, and cybersecurity community. Complicating matters, language is only the beginning – collaboration, language, analysis, product, defense, strategy – all these topics should be in sync for a successful campaign. It is Fusion Operations’ intent and function to assist with a small piece of this equation. Fusion Operations sits at the nexus of NSA’s Cybersecurity Collaboration Center on one axis, industry and Government on a second, and most critically, at the nexus of unclassified and classified threat data. By fusing disparate data sources, we are able to gain a unique and holistic perspective on malicious adversary activity and position NSA and the Intelligence Community to more effectively prevent and eradicate threats to National Security Systems and the Defense Industrial Base. This presentation demonstrates the successes and lessons learned from our operations to date as well as ideas where we could possibly move forward in the future with the investment of other intelligence disciplines.

Enhancing the Intelligence Community Information Environment (IC IE) Cybersecurity Posture

Date: Tuesday, December 7
Time: 1315 – 1410
Location: Room 221
Speaker: Clifford “Matt” Conner, ODNI

Session Description:
The Intelligence Community Information Environment (IC IE) remains one of the most secure Information Technology (IT) networks within the U.S. Government. However, adversaries have demonstrated the determination to mount cyber-attacks not only to steal our secrets, but to erode our confidence in, and the security of, national security systems. This trend will persist, if not accelerate. Due to the interconnected nature of the IC IE, risk to one IC Element poses a risk for all. Accordingly, improving the IC IE cybersecurity posture is a whole-of-IC imperative requiring the attention and support of senior leadership, cybersecurity and IT professionals, mission leadership, program managers, acquisition executives, supply chain and cyber threat analysts, counterintelligence experts, and industry partners. The I-Plan 2.0 is the result of the IC CIO and Chief Information Security Officer coordination across the IC IE and serves as a measurable guide to focus near-term cybersecurity efforts within the IC IE. I-Plan 2.0 builds on the 2019 I-Plan, which underscored the necessity for a whole-of-IC approach to enhance cybersecurity across the IC IE. The guidance and tasks within I-Plan 2.0 were formulated by assessing the current cybersecurity threat given today’s cyber landscape, which has evolved considerably as the IC has embraced new technologies, software, and policies and procedures to communicate, coordinate, and move and store data across the IC IE. I-Plan 2.0 focuses on the same fundamental cybersecurity principles of knowing, managing, and monitoring the enterprise, with the added dimension of sharing information about enterprise risks among the IC Elements.

New York Air National Guard Takes Flight with Anti-Phishing Authentication

Date: Monday, December 6
Time: 1600-1700
Location: Room 229
Speakers: Col Tri Trinh (Ret.), USAF; Jerrod Chong, USAF

Session Description:
Defense Department IT professionals traditionally rely upon a series of firewalls for security against predicted and known threats. However, attack vectors have changed as network access moves “perimeter”-based security to cloud-based security, leaving the former security strategy increasingly less effective. In this session, Jerrod Chong and Major Liaquat Ali will discuss the drivers for strong authentication and how usage of phishing-resistant hardware-based authentication better secured NY ANG.

JWICS Connection Authorization Program (JCAP)

Date: Monday, December 6
Time: 1600-1700
Location: Room 227
Speakers: Calleen Torch, DIA; Branden Kemp, DIA

Session Description:
This brief will provide insight into the new JWICS Connection Authorization service offering, which will ensure all connections to JWICS meet JWICS Connection Approval Program (JCAP) standards. It will also provide details on how JCAP is actively seeking to increase efficiencies and implement an ongoing authorization process. Recent program changes have reduced duplicative efforts between the Authorization to Operate (ATO) and the Authorization to Connect (ATC) while also maximizing automated monitoring capabilities to reduce manual data reporting requirements. Key topics of change will include the NIST Risk Management Framework (RMF), Essential Data Exchange (EDE), JCAP top areas of concern, and automated risk reporting.

AIOps Predicative Maintenance

Date: Monday, December 6
Time: 1600-1700
Location: Room 228
Speakers: Joe Whitaker, DIA; Sunaina Rekhi, DIA; Bruce Goldfeder, DIA; Rich McLean, DIA

Session Description:
TBA

Cloud Time and Cost Saving Innovations Through Automation

Date: Monday, December 6
Time: 1600-1700
Location: Room 226
Speaker: Anu Subramanian, CloudChecker, Inc.

Session Description:
Cloud use continues to explode across all areas of government. How do you quickly and efficiently control and allocate cloud cost on a granular level? How do you make sure your organization is following security best practices? How do you make sure your subscribed cloud resources are getting the most bang for the buck? Smart cloud management using automation is the key!

A Basic Framework for Incorporating Cultural Information in Insider Threat Assessments

Date: Monday, December 6
Time: 1600-1700
Location: Room 225
Speaker: Dr. Liza Briggs, USMC

Session Description:
Combating cybersecurity threats is not limited to technological solutions. As we advance our understanding of digital ecosystems, we recognize human behaviors as important components of understanding risks and threats to critical systems and our security profiles. Adding context to observable behaviors helps us more accurately assess risks and to mitigate threats. This presentation offers a user-friendly cultural framework and details how the framework can be paired with data to add meaning to behaviors and more intentionally include “culture” in threat assessment and response processes.

How to do Business at DIA

Date: Monday, December 6
Time: 1600-1700
Location: Room 224
Speaker: Natalie Yacoub-Pugh, DIA

Session Description:
Small businesses are an integral partner with DIA in creating innovative solutions to maintain a competitive strategic advantage over our adversaries. Learn how to do business at DIA and best practices. Topics included in this discussion are the role of the Office of Small Business Programs, the DIA Mentor Protégé Program, DIA’s 8(a) Business Development Program and other pertinent topics. There will be an opportunity for participants to ask small business and acquisition related questions.

Contracting and Program Overview of the SITE III (Solutions for the Information Technology Enterprise) Contract

Date: Monday, December 6
Time: 1300 – 1355
Location: Plenary Hall
Speakers: Esther Woods, DIA; Kimberly Posey, DIA; Mishelle Miller, DIA; John Pistolessi, DIA

Session Description:
This session will provide the Contracting Officer’s overview and discussion of the SITE III Contract, as well as provide an opportunity for industry to interact with the lead Contracting Officers who support the DIA CIO. Industry will have a chance to ask questions about upcoming procurements.

Protecting Critical US Infrastructure: Strengthening Resilience

Date: Monday, December 6
Time: 1600-1700
Location: Room 222
Speaker: Theresa Campobasso, Exiger

Session Description:
USG Critical infrastructure systems are a pillar of competitive advantage for the US economy. Despite their criticality, previous high-profile attacks have shown that the infrastructure is under protected and exposed to cyberthreats, supply chain risks, operational risks, State adversaries, and criminal activity. The complexity involved with illuminating critical infrastructure risks is compounded by the scale of data, speed computing, the lack of visibility into certain threat vectors such as risk in hardware and software used by these entities, and integration with partners. Learn how both the U.S. government and the critical infrastructure community can leverage AI, ML, Natural Language Processing, cloud computing and emerging technologies to proactively identify, mitigate, and manage the risk of adversarial exploitation, fraud, or network compromise through advanced analytics and open-source information.

Intelligence Community Information Technology Enterprise (IC ITE) Modernization

Date: Monday, December 6
Time: 1600-1700
Location: Room 221
Speaker: Michael Castelli, ODNI

Session Description:
The presentation will offer an overview of the IC ITE Strategy—which will be revised shortly before the DoDIIS Conference–and the IC’s vision of a secure enterprise that facilitates authorized information flow between multiple clouds, domains, and platforms supporting diverse missions. It will highlight four main goals of the strategy and how the IC uses a Service Provider model to realize those goals. The model presents the roles of IC IT Service Provider as the developer and maintainer of Services of Common Concern (SoCCs), the IC IT Service Consumer who uses services and capabilities, and IC IT Industry Partners who are instrumental in the design, buildout, and delivery of key capabilities. Essential to fulfilling the IC ITE Strategy is the designation and shaping of IT SoCCs for the future. This presentation will describe how the IC is modifying and maturing SoCC delivery to advance mission integration and information sharing across the IC. Practical service examples include the Commercial Cloud Enterprise (C2E), Identity, Credential, and Access Management (ICAM), and industry partners who play a vital role in achieving the goals of the revised IC ITE strategy. In addition, the speaker will touch on the IC CIO’s view of how SoCCs will likely evolve, the identification of community IT needs, and leveraging, reusing, and adapting existing IT capabilities.

DoD Data Strategy and MARS, Embracing Open Data Architecture

Date: Monday, December 6
Time: 1500 – 1555
Location: Room 227
Speakers: Maj Wilfred Noel, DIA; Sayeed Mahmud, DIA

Session Description:
The Machine-assisted Analytic Rapid-repository System (MARS) is a critical tool to enable the Defense Intelligence Enterprise (DIE) to maintain a competitive strategic advantage over our adversaries. Since the mid-1990s, the DIE has stored foundational military intelligence (FMI) in numerous databases, most notably the Modernized Integrated Database (MIDB). FMI supports every aspect of global military operations, including acquisitions, combat operations, and joint force planning. MIDB’s architecture cannot handle the volume of data required for today’s military operations. In 2018, the Defense Intelligence Agency (DIA) launched the MARS Program to build a new, data-driven architecture to transform how consumers access FMI. DoD released its Data Strategy in Fall of 2020, with a vision of a data-centric organization that uses data at speed and scale for operational advantage and increased efficiency. The strategy clearly recognizes the need for open data standards and architecture to achieve this vision. MARS’s approach to data and architecture aligns to the DoD strategy and will provide FMI support to joint all domain operations and decision makers. MARS currently pulls data from multiple DIE repositories. The MARS architecture is scalable and will allow for the incorporation of additional data feeds. It also will enable the distribution of data from MARS to other systems. As the transition from MIDB to MARS progresses, one of the biggest challenges is ensuring interoperability with the various DIE systems, each with its own architecture and data governance. This presentation will explore that challenge and what the MARS Program is doing to address it.

Innovation Panel

Date: Monday, December 6
Time: 1500 – 1555
Location: Room 229
Speakers: Ramesh Menon, DIA; Peter Bronez, In-Q-Tel; Terry Halvorsen, IBM; Dr. Maheen Adamson, Veterans Agency/Standford University

Session Description:
TBA

Security: The Key Component to a Successful ZTNA Strategy

Date: Monday, December 6
Time: 1500 – 1555
Location: Room 228
Speaker: Dean Economou, Appgate

Session Description:
The Network Access portion of a Zero Trust Architecture (ZTA) is a key component in the success of any Zero Trust strategy. The securing of access to the network and applications has become crucial in the effort to provide for the common defense. Organizations already have several of the requisite components for a ZTA, however, integrating these components into Network Access decisions is the next step towards the realization of a true Zero Trust Strategy.

Driving Digital Transformation through a Single Cloud Service Catalog for Mission Acquisition Programs

Date: Monday, December 6
Time: 1500 – 1555
Location: Room 226
Speakers: Christopher Carrigan, DoD; Terry Carpenter, Jr., DoD

Session Description:
Provide an overview on how DCSA is driving consolidation of unique cloud tools, data strategies and enterprise cross domain services to improve cost structure, reduce risk and increase mission effectiveness.

NMEC Transformation - Leveraging IT to Drive Mission Change

Date: Monday, December 6
Time: 1500 – 1555
Location: Room 225
Speaker: William Hancock, DIA

Session Description:
The National Media Exploitation Center began its transformation initiative to deliver change across the entire center to align with National Intelligence Priorities. Come hear about how NMEC’s IT and Mission partnership is enabling the future.

A (Don’t) Panic Button for Responding to a Network Hack

Date: Monday, December 6
Time: 1500 – 1555
Location: Room 224
Speaker: James Dollar, Uplogix

Session Description:
When your network has been compromised, it’s all about speed to respond and recover. Planning for these situations can’t depend on the network itself and shouldn’t rely on “sneaker net” responses for deploying new configurations. What is needed is secure out-of-band automation that works both as a “panic button” to initiate a lockdown as well as provide the tools needed for a quick and deliberate recovery.

Cryptographic Supply Chain Risk Mitigation through real-time Acceptance Testing

Date: Monday, December 6
Time: 1500 – 1555
Location: Room 222
Speakers: Dr. Sean Miles, NSA; Lawrence Reinert, NSA

Session Description:
Real time acceptance check for counterfeit devices, refurbished machines, and non-approved part substitutions using standards-based artifacts are available from many Original Equipment Manufacture’s (OEMs) of Trusted Platform Module (TPM) enabled devices (PCs, servers, routers). Using the Trusted Computing Group (TCG) defined Platform Certificate, an Acceptance Test can run using open source software prior to placing new devices into the network. Procurement processes can be modified to incorporate the requirements for these artifacts that are currently openly available from several OEMs.

IC Enterprise Architecture – Enabling IC Integration

Date: Monday, December 6
Time: 1500 – 1555
Location: Room 221
Speaker: David Salvagnini, ODNI

Session Description:
The Architecture and Integration Group (AIG) supports and advises the Intelligence Community Chief Information Office in the Office of the Director of National Intelligence (ODNI). AIG plans, organizes, coordinates, directs, and implements enterprise architecture, systems engineering, and integration practices to foster a secure, interoperable, and effective IC Information Environment. The team is functionally organized into the Enterprise Architecture Division (EAD), Integration Engineering Division (IED), Standards and Compliance Division (SCD), and the 5-Eyes Enterprise (5EE) Service Domain. AIG is adjusting the IC EA portfolio to enhance the IC/Department of Defense (DoD) value proposition and efficacy across IC Elements. The focus of this effort is to strengthen IC integration through:
• Authoritative Future Planning
• Architectural Consistency and Compliance
• Identification and Mitigation of Critical Gaps Attendees will learn how ODNI influences the IC EA portfolio and enhances IC, DoD, and partner integration. Use cases will be shared as examples of past and ongoing application of the IC’s EA practice.

When (Not) to Orchestrate Workloads at the Edge

Date: Monday, December 6
Time: 1300 – 1355
Location: Room 228
Speakers: Michael Epley, Red Hat; Jonathan Sturges, Red Hat

Session Description:
As we look to move containerized workloads to the edge, we must consider whether to take advantage of orchestration tools like kubernetes or swarm: a trade-off between reliability and simplicity vs flexibility and resilience. We’ll discuss use cases in an effort to elucidate considerations for each and when orchestration is needed. We’ll also examine limits of un-orchestrated solutions in addressing key use cases and how edge and cloud computing can collectively address others.

Air Force Research Lab Agile Condor AI/ML on the Tactical Edge

Date: Monday, December 6
Time: 1300 – 1355
Location: Room 227
Speakers: Dr. Qing Wu, AFRL; LTJG Alexis Bryant, DIA; Bruce Goldfeder, DIA; Ramesh Menon, DIA

Session Description:
This brief draws a comparison between the U.S. and its near peer competitors across the Artificial Intelligence (AI) stack. The brief identifies strengths and weakness in AI and advocates for a focused research into AI/ML. The brief highlights China as the first competitor since WWII with the where withal to supplant the U.S. as the global technological leader and innovation hub. Finally, the brief suggests ways to enable, facilitate, and effectively organize AI in the DoD enterprise.

Monitoring Large Secure Spaces for Mobile Devices and Hidden Wireless Transmitters

Date: Monday, December 6
Time: 1300 – 1355
Location: Room 229
Speakers: Gary Schluckbier, Eqiq Solutions; Michael Monical, USSTRATCOM

Session Description:
The risks associated with commercial wireless devices such as smartphones, bluetooth, and wifi devices, including wireless hidden in common items are well known and are the reasons for no-wireless policies in SCIFs. In practice, how are these threats, ubiquitous in modern life, reliably kept out of some of the most sensitive spaces in the DoD? In this talk, the WIDS team at USSTRATCOM describes the technology and practices they use to defend against wireless threats.

The Future of JWICS

Date: Monday, December 6
Time: 1300 – 1355
Location: Room 224
Speakers: Katie Lipps, DIA; Jojo Leasiolagi, DIA; Elcie Dinch-McKnight, DIA

Session Description:
In this session we will discuss technologies and high-level concepts that are shaping our future JWICS architecture and the timing to deliver. Come join us to learn how you might partner with us on this journey.

Training Autonomous Systems with Synthetic Data Sets

Date: Monday, December 6
Time: 1300 – 1355
Location: Room 225
Speaker: Dan Bono, CACI

Session Description:
The machines are on the rise, but they still can’t figure out how to cut your lawn and not your neighbors. As nations adopt autonomous systems, either Cyber or Cyber-Physical, how do we ensure correct operational behavior? They require training data sets that will be challenging to build. Modeling & Simulation and Digital Twins may enable rapid creation of Virtual Reality synthetic data sets to train autonomous systems and improve the trustworthiness of autonomous capabilities.

Project Herald

Date: Monday, December 6
Time: 1300 – 1355
Location: Room 222
Speaker: Leslie Beavers, OUSDI

Session Description:
OUSD(I&S) Intelligence, Surveillance and Reconnaissance Enterprise Capabilities (ISREC) Directorate provides oversight for NIP/MIP programs and provides guidance to DI2E programs on modernization. Last year, ISREC published the ISR Architecture Convergence Study to help inform Defense-level, Planning, Budgeting and Execution of the future modern enterprise. The study emphasized enterprise-level services of common concern that will comprise the Defense Intelligence Digital Foundation and free the Military Departments from responsibility to deliver end-to-end solutions, allowing them to focus on specific value-added capabilities, such as exquisite sensing, software applications, mission-unique workflows, and advanced algorithms. Defense Intelligence Digital Transformation Campaign Plan (currently in coordination) aims to put the study recommendations into action and serves as USD(I&S)’s plan for implementation of the Defense Intelligence Strategy.

Enabling Seamless Data Interoperability in a Multi-INT World

Date: Monday, December 6
Time: 1300 – 1355
Location: Room 221
Speaker: Nancy Morgan, ODNI

Session Description:
The IC Chief Data Officer (IC CDO) leads the IC’s efforts to make information and data more discoverable. Learn about the next IC Information Environment Data Strategy and related efforts to drive data centricity in a new digital ecosystem; core principles to improve both information sharing and safeguarding; and the need for data acumen at every level of the organization. Discuss the need for robust data lifecycle management capabilities and data standards, the power of data services to manage data throughout the intelligence lifecycle, and preparing data for both a human and machine-enabled world as we incorporate more artificial intelligence, machine learning and other advanced technologies. Attendees will gain an understanding of the information and data landscape in a multi-INT, multi-cloud, multi-network world and information sharing between the IC, DoD and a range of external partners.

NGA Software Way Ahead

Date: Monday, December 6
Time: 1300 – 1355
Location: Room 226
Speaker: Mark Andress, NGA

Session Description:
Please join Mr. Mark Andress, NGA Chief Information Officer, as he discusses DevSecOps and preparing the NGA Software Way Ahead.

SUMMIT PIVOTS TO VIRTUAL FORMAT

At the direction of the DoD SAP CIO and team, it has been determined that conducting this event in a virtual format would be the best way to move forward while still preserving the government’s ability to connect government with industry. All attendee registrations are automatically being converted to virtual participants in the reorganized SAP IT & Cybersecurity Virtual Summit. The office of the DoD SAP CIO will present the roadmap, updates, policy changes, and project updates to all attendees in a virtual format.

Using an Online Android VM and Email Addresses for Social Media Account Discovery

The workflow will consist of utilizing Authentic8 Toolbox to access Genymotion’s Android VM. Once in the VM, an email database will be uploaded and contacts will be synced. Social media applications will then be installed, the synced email contacts will then appear as friend or follow suggestions on the various social media platforms.

Presented by: Alec Feltri, Silo By Authentic8

Date: Wednesday, February 3
Location: Exhibit Hall – Cactus Theater

MetaSift - Applying AI and ML Enabled Software to Solve Intelligence Mission Challenges

SAIC is investing in intelligent software solutions that leverage artificial intelligence and machine learning to transform mountains of unmanageable and unstructured content and data into fit-to-purpose engines that drive missions forward.

Presented by: Rich Dugdell, Product Director in SAIC’s Software Practice

Date: Monday, February 1
Location: Exhibit Hall – Armadillo Theater

Amazon Web Services (AWS)

Amazon Web Services (AWS) Worldwide Public Sector helps government, education, and nonprofit customers deploy cloud services to reduce costs, drive efficiencies, and increase innovation across the globe. With AWS, you only pay for what you use, with no up-front physical infrastructure expenses or long-term commitments. Public Sector organizations of all sizes use AWS to build applications, host websites, harness big data, store information, conduct research, improve online access for citizens, and more. AWS has dedicated teams focused on helping our customers pave the way for innovation and, ultimately, make the world a better place through technology.

SUMMIT 2020 DATE IS ANNOUNCED

The office of the Department of Defense Chief Information Officer for Special Access Programs (DOD SAP CIO) and the Contractor SAP Security Working Group (CSSWG) are excited to announce the dates for the DoD SAP IT & Cybersecurity 2020 Summit.

The third annual DoD SAP IT & Cybersecurity Summit will be held March 22-26, 2020 in Cambridge, MD.

If you would like to be added to the email distro for this event, please contact Rebecca Steppling at steppling@ncsi.com.

EXHIBIT SPACE NOW OPEN

Register now to reserve your exhibit space, and demo your products and services to 1,000+ attendees in the SAP community. Exhibitors will have the opportunity to present product demos, network with attendees, participate in networking sessions, and meet key decision makers and leadership within the community. Partnerships are key, and contractors already involved with SAPs are encouraged to have their companies participate as an exhibitor. Exhibits will be presented at the unclassified level, and no clearance is required to participate as an exhibitor representative. Prior to acceptance as an exhibitor, each company will be vetted by the DoD security team. Space is limited and available on a first come first served basis. Click here to submit your exhibit application.

2020 SAP Summit Registration OPEN

Registration for the 2020 DoD SAP IT & Cybersecurity Summit is now open. We expect to reach capacity in record time, so please register early to guarantee your attendance. This year’s Summit will be held in Cambridge, Maryland on March 22-26, 2020. The Summit will bring together program managers, IT, security, and cybersecurity professionals to understand the latest on the Department’s SAP IT Strategy and Roadmap. Please visit the registration page for details.

Event at 73% capacity, register NOW!

With the Summit just over 7 weeks away we are working on the agenda and session topics to present throughout the week. Please submit an abstract if you are interested in participating as a speaker, or if your organization can provide unclassified training on Thursday. There are currently about 15 exhibit spots remaining and a few sponsorship opportunities. The summit is at 73% capacity for attendance. Please register NOW to ensure that you get a spot at the Summit. We have added some new hotel room blocks at or below the per diem rate in Easton and Salisbury, just a short drive from the Summit venue.

KEYNOTE SPEAKERS ANNOUNCED!

The agenda is starting to take shape, and a dynamic lineup of Keynote speakers have been announced to compliment each daily theme. Monday: More capable and more secure. Tuesday: Fielding Faster. Wednesday: Provoking Innovation. Thursday: Enhanced Learning Opportunities. Check out the agenda page to see the list of speakers involved in the Summit.

COVID-19 STATEMENT

With the Summit due to take place in less than a month, we continue to plan for all educational sessions and networking activities as scheduled. The recent situation with COVID-19 (Coronavirus) is changing daily so we remain watchful but also focused on delivering a safe, secure, and successful event for all attendees. All participants in the 2020 Summit are US Citizens. No one without a badge will be allowed access to the Hyatt during the Summit. While COVID-19 is a global health concern, it’s our collective responsibility to focus on facts and use common sense and sound judgement to not spread unnecessary panic. It is important to follow official health and travel advisories, and at this point there are no restrictions that prevent the important gathering of this group of people. We will continue to closely monitor travel updates from the CDC as well as advisories from the State Department and the State of Maryland.

We are working closely with the Hyatt Regency Chesapeake to ensure the safety of all Summit participants. The Hyatt Regency continues to maintain rigorous cleanliness and safety standards throughout the guest rooms, meeting rooms, and public spaces.

We strongly encourage attendees and exhibitors to follow the guidance of the CDC for everyday preventative actions to help prevent the spread of respiratory viruses:

Wash hands often with soap and water for at least 20 seconds, especially after going to the bathroom; before eating; and after blowing your nose, coughing, or sneezing.
If soap and water are not readily available, use an alcohol-based hand sanitizer with at least 60% alcohol. Always wash hands with soap and water if hands are visibly dirty.
Avoid touching eyes, nose, and mouth with unwashed hands.
Avoid close contact with people who are sick.
Stay home when sick.
Cover a cough or sneeze with a tissue, then throw the tissue in the trash.
Clean and disinfect frequently touched objects and surfaces using a regular household cleaning spray or wipe.

For the most current information about COVID-19, see the following resources:

AI and Hunting the Zero Day Threat

This lunch and learn will introduce an AI based framework and patented technologies to detect, contain, and quarantine zero day threats (both file based and file-less) deployed and operational with the USG. We will introduce an architectural view that illustrates sensor placement for pre-breach, wire speed detection. The lunch and learn will then seque into a practical demonstration at our booth where security analysts can get hands on, practical experience of “moving up the attack chain” to hunt advanced threats before they bring down the enterprise.

Date: Monday, August 3
Location: Lunch & Learn – Cactus Theater
Presented By: Bluvector

Azure Government Secret Meets the Needs of Classified Mission Workloads

Learn more about our latest announcement in this Lunch & Learn. Get comprehensive and powerful cloud services built exclusively to support US agencies and partners working with Secret US security classification level data. Developed using the same principles and architecture as Azure commercial clouds, Azure Government Secret has been enhanced for maintaining the security and integrity of classified workloads while enabling fast access to sensitive, mission-critical information.

Ansible – Automating All of the Things

We will discuss Ansible, Red Hat’s automation and desired state configuration tool, and how it can make the life of a network or system administrator easier. Topics to be covered are the Ansible playbooks, command line interface, web interface and Git integration. Come and learn with us!

Leading by Example, Creating a Data and AI-driven Company

Leading a Data and AI transformation requires new mindsets and methods at every level; it takes an AI Enterprise culture. IBM has learned this first hand. In this experience-based session, Caitlin Halferty, IBM’s Director, Artificial Intelligence (AI) Accelerator and Client Success, will take you behind the scenes as he shares challenges and ultimate breakthroughs that transformed IBM’s culture and business processes with AI and data driven resources, all embedded in security and trust. These lessons will help accelerate your organization’s journey to AI, from data strategy and architecture to AI solutions.

Secure Wireless in SCIFs: A Beginning

Date: Wednesday, August 21
Time: 1030 – 1130
Location: Room 22
Speakers: George Connor, DIA; Angel Rios, DIA; Andrew Kelly, DIA

Session Description:
DIA and a number of other IC Members started working on pilots for using wireless on DoDIIS several years ago. Based on the results of a Major Issue Study conducted in 2014, the ODNI has halted all wireless efforts concerning SCI, created a Wireless Steering Committee and is developing IC wide policy on the way forward in order to ensure that these efforts are secure.

DIA’s Cyber Security Services Branch, Secure Wireless Project Team and the SCIF Accreditation Team have been working with the ODNI and other IC elements on creating IC policies and developing procedures to implement those polices within DIA and on the DoDIIS network. These procedures involve creating a secure working area to operate wireless through TEMPEST and Technical security methods, creating methods of detecting wireless vulnerabilities and exploitation attempts, and ensuring that all aspects of the network being used are properly configured to eliminate risk. Elements that we are currently addressing include the Supply Chain Risk Management process, Commercial Solutions for Security, Security Assessments on the tablets and networks, RF Shielding and Wireless Intrusion Detection Systems.

While this process is still ongoing, we would like to brief on the current status, what we see as the way ahead and encourage feedback from the field to help shape our discussions. We have had hundreds of separate requests for wireless solutions to each of our offices and believe this briefing would provide guidance that would benefit the entire DoDIIS community.

Modeling System of Systems Effects at Massive Scale

Date: Tuesday, August 20
Time: 1400 – 1500
Location: Room 23
Speaker: Dr. Steve Hardy, Deloitte Consulting

Session Description:
We present a new approach for conducting what-if analysis at massive scales – like entire cities, lifeline infrastructure, populations, and the networks that connect them. Analysts interact with a system of systems model to discover hidden vulnerabilities in our networks and infrastructure and to test resiliency and security options for closing gaps and exploiting opportunities. This capability opens a new frontier of analytics and preparedness for asymmetric threats.

MARS UPDATE (Repeat)

Date: Tuesday, August 20
Time: 1400 – 1500
Location: Room 17
Speakers: Irving Townsend, DIA; Terrence Busch, DIA

Session Description:
An update on MARS.

Insider Threat Overview and Strategic Initiatives

Date: Monday, August 19
Time: 1500 – 1600
Location: Room 21
Speaker: Robert Carpenter, DIA; Yolanda Vetri, DIA; Marvin Wilson, DIA; Captain Kern, DIA; Ashleigh Callaway, DIA

Session Description:
Provide an overview of DIA’s Insider Threat Program and the mission of the Insider Threat Division, Office of Security successes, best practices and lessons learned. Additional information will include strategic initiatives to respond to the National Insider Threat Task Force Standards, innovations to mitigate the threat from trusted insiders and collaboration across the community and with FVEY partners.

UNSTOPPABLE: Women in Defense and Technology

Date: Tuesday, August 20
Time: 1600 – 1700
Location: Room 24
Moderator: Melissa Sutherland, Vice President, Booz Allen Hamilton

Panelists:
Jean Schaffer, Chief, Cyber and Enterprise Operations, Office of the CIO, Defense Intelligence Agency (DIA)
Lynn Schnurr, Executive Consultant, General Dynamics (former Army G2 Intelligence CIO)
Trish Goforth, Executive Vice President, Booz Allen Hamilton

Session Description:
When we, as women, collectively bring our passion and talent to bear on challenges, there is no limit to what we can achieve. When we champion other women, and celebrate their successes, our individual journeys become that much richer. And when we feel supported by our networks and draw on the immeasurable strength and knowledge within them, we become unstoppable. Join Booz Allen and DIA to learn how industry and government are creating inclusive environments and supporting diversity in their organizations.

CCI-EMSO Enterprise Architectural and Capability Area Management

Integrated Automated Cyber Defenses

Date: Monday, August 19
Time: 1600 – 1700
Location: Room 24
Speaker: Craig T. Harber, Fedelis Cybersecurity

Session Description:
One the most significant challenges facing cyber security professionals today is the need to simplify and streamline their existing cyber security infrastructure while gaining efficacy and reducing cyber dwell time. Security Operation Centers (SOC) are overwhelmed by the sheer volume of alerts lacking context and the number of investigations demanding their attention while the supporting security infrastructure is geared more towards being reactive than proactive. Security analysts are often presented with more alerts than are humanly possible to triage and investigate, granting adversaries more time to evade detection because of the time required by SOCs to detect and respond. These problems are further exacerbated by a rising skills gap as organizations struggle to build an adequate bench of expertise. More data is not necessarily a good thing and the focus should be on zeroing in on the right data and making it actionable. This session will discuss approaches to streamlining cyber security stacks, and why integration and automation are critical elements of a strategy to improve the overall effectiveness and efficiency of defensive cyber operations.

Accessibility in the Intelligence Community Panel

Date: Tuesday, August 20
Time: 1600 – 1700
Location: Room 22

Speakers:
DIA Panel Member: Penny Steinhauer, DIA, Chief Information Office, Chief of Staff, Corporate Engagement Division
NSA Panel Member: Daniel Hetrick, NSA/CSS ICT Accessibility Team Chief
CIA Panel Member: John Nemeth, Facilities Investment Program Manager
NGA Panel Member: Susan Shuback, NGA Associate Chief Information Officer

Session Description:
The Principle Deputy Director of National Intelligence (PDDNI) challenge Intelligence Community elements to devise bold strategic solutions to improve information technology accessibility. Come see and hear the collective knowledge and experience of the IC designated representatives to develop and employ solutions to accessibility challenges facing agency employees with disabilities.

The CIO Lean IT Journey

Date: Tuesday, August 20
Time: 1400 – 1500
Location: Room 18
Speaker: Anthony Kuhn, DIA

Session Description:
Today the United States faces growing national security challenges with adversaries adapting in asymmetric ways and rapidly adopting technologies, turning warfare into a case of constant uncertainty and instability. Throughout the DoD and the IC, leaders have accepted the need to implement rapid innovation and grow a workforce culture that is swift and agile. In the DIA, the CIO’s transformation has been at both the strategic and grassroots level all with the aim to improve our processes and adjust our workforce culture. After much progress, leadership identified the need to integrate some of these efforts to create a unique pathway for emerging innovative ideas and/or products to better and more quickly meet mission customer needs. Through the deliberate cohesion of these efforts the Innovation Pipeline provides a pathway to production that encompasses the innovation methodologies taught by the Innovation Program, embedding the concepts throughout each phase of the Pipeline. These innovation concepts, pulled from industry best practices and the Silicon Valley start-up community, emphasize experimentation over detailed planning and require deep customer engagement by multifunctional teams.

Moving Beyond Lip Service: Empowering Inclusiveness Through Information Technology Accessibility

Date: Monday, August 19
Time: 1600 – 1700
Location: Room 22
Speakers: Shannon Paschel, DIA; Jill Ballmer, DIA; Pamela Fitzgerald, DIA

Session Description:
How do you build resiliency, redundancy and security if you aren’t enabling all of your workforce to contribute? Come hear how DIA and the Intelligence Community are moving beyond the Section 508 of the Rehabilitation Act of 1973, National Security Exemption and making information technology accessible for all.

The Tech Leadership Council – the Imperative to Partner

DIA’s DevOpsSec Path to Production – Shift Left, March!

Date: Tuesday, August 20
Time: 1600 – 1700
Location: Room 19
Speakers: Steven ‘Mike’ Harkins, NIWC; Kirk Brown, NIWC; Dylan Leckie (CTR), DIA; Jonathan Parr (CTR), DIA

Session Description:
Shift Left, March! focuses on the process, tools, and culture the cyber security team at DIA implements and manages to provide application teams with a secure, more rapid and streamlined path to production. The presentation will breakdown the current state of the DevOpsSec way of working at DIA and delve into the enhancements the cyber security team is making to further build out the toolchain, increase the types of applications that can receive authorization through the DevOpsSec path to production, and support a culture of integrating security at the start of development.

U.S. Special Operations Command: Intelligence and Information System Requirements for the Future

Secure Wireless in SCIFs: A Beginning

Date: Monday, August 19
Time: 1600 – 1700
Location: Room 19
Speakers: George Connor, DIA; Angel Rios, DIA; Andrew Kelly, DIA

Session Description:
DIA and a number of other IC Members started working on pilots for using wireless on DoDIIS several years ago. Based on the results of a Major Issue Study conducted in 2014, the ODNI has halted all wireless efforts concerning SCI, created a Wireless Steering Committee and is developing IC wide policy on the way forward in order to ensure that these efforts are secure.

DIA’s Cyber Security Services Branch, Secure Wireless Project Team and the SCIF Accreditation Team have been working with the ODNI and other IC elements on creating IC policies and developing procedures to implement those polices within DIA and on the DoDIIS network. These procedures involve creating a secure working area to operate wireless through TEMPEST and Technical security methods, creating methods of detecting wireless vulnerabilities and exploitation attempts, and ensuring that all aspects of the network being used are properly configured to eliminate risk. Elements that we are currently addressing include the Supply Chain Risk Management process, Commercial Solutions for Security, Security Assessments on the tablets and networks, RF Shielding and Wireless Intrusion Detection Systems.

While this process is still ongoing, we would like to brief on the current status, what we see as the way ahead and encourage feedback from the field to help shape our discussions. We have had hundreds of separate requests for wireless solutions to each of our offices and believe this briefing would provide guidance that would benefit the entire DoDIIS community.

Defense Intelligence Engagement in the 5 Eyes Enterprise (5EE)

Date: Monday, August 19
Time: 1600 – 1700
Location: Room 18
Speaker: Kathryn Lipps, DIA; Benjamin Davis, DIA

Session Description:
The Principals of the May 2019 CIO Forum and Defense Intelligence Seniors Conference of the Commonwealth and United States (DISCCUS) agreed to establish and resource a central program management organization responsible for overseeing delivery of Five Eyes Multi-INT needs across the 5EE. On behalf of the CIOF and DISCCUS, this organization will oversee and coordinate the establishment of services for the 5EE community and ensure a robust service offering that meet a multi-INT 5Eyes community requirement. DIA has taken the lead for outlining the roles and responsibilities of this organization and providing initial staffing to standup the office.

How to Ensure Your Cybersecurity Program is Bullet Proof

Cyber Educators Framework

However, it’s common knowledge that the nation has a current shortage of cybersecurity professionals, so what do we do? Industry, Academia, and Government are diligently collaborating on various initiatives to help address this shortage. A key task is recognizing factors that motivate a person to choose the cybersecurity profession; then providing training to help establish and retain those who are interested.

Much like using the proper bait to catch a certain type of fish, educators must consider the proper techniques based on “where” and “who” an individual is. “Where” characteristics align with external influences, such as a person’s presumed rewards. While, internal influences like academic performance lends to the perception of “who” a person is. These influences vary, but the concepts are constant.

A common model using semi-quantitative metrics, could assist educators in analyzing their audience’s make-up, and making more informed decisions as to which technique(s) would be most effective. Similar to the nature of influences, an effective model would be industry-agnostic, consistent, and repeatable, but contain elements that could be easily varied.

Organizational Adoption of Cloud Services: A Repeatable Approach that Enables Mission Command Intelligence

Supply Chain Risk Management: Achieving Resiliency while Vigilantly Integrating Industry Best Practices

Date: Monday, August 19
Time: 1500 – 1600
Location: Room 18
Speaker: Dr. Sean Miles, DIA

Session Description:
(U) Offshore Commercial-Off-the-Shelf (COTS) electronics manufacturing supply chains compels a complex web of contracts and subcontracts for hardware, component parts, and other manufacturing services. These globalized commercial supply chains facilitate asymmetric assault, via foreign intelligence entities (FIEs), upon DIA’s systems and networks. Our most capable adversaries can access the supply chain, at multiple points, establishing advanced, persistent, and multifaceted subversion. Additionally, our adversaries are also capable of using the complexity of the supply chain to obfuscate their efforts to penetrate, exploit, and compromise DIA’s mission critical systems. CIO SCRM will lead an informative session with select Original Equipment Manufacturers (OEM) and Re-sellers of Information and Communications Technology (ICT). Focus is centered on how DIA has partnered with industry to thwart supply chain malfeasance by: imparting discipline, integrating best practices, and enhancing the security and resiliency within the DIA supply chain. Engaging and cultivating strong relationships with industry partners throughout the DIA supply chain is critical in addressing asymmetric & emerging threats inherent to global sourcing and offshore manufacturing.

MARS UPDATE

Sun Tzu and The Maginot Line in Space: A Response to the Challenges of Security in Space

Date: Monday, August 19
Time: 1300 – 1400
Location: Room 19
Speaker: Philip Kwong, Intelsat General Communications LLC

Session Description:
Space based capabilities are critical for both public and private use. The DoD relies on space as a key enabler for precision strike and force projection capabilities. While previously space was “safe” because access was limited, that is no longer the case. Recent developments have enabled easier access to space and foreign governments, particularly Russia and China, have taken steps to challenge the US in space. Russian and Chinese military doctrine shows an appreciation of the importance of space to warfare and counter-space as a means to reduce US and allied effectiveness. Moreover, these nations have developed robust space capabilities that are “scientific” in name but have dual-use for counter-space capability. These developments call for a re-look of US Space Strategy. At issues is whether the US practice of a few very expensive military satellites can achieve the resiliency that our Space Strategy requires. A historical comparison to the infamous Maginot Line will illustrate how a system can perform as designed and still be strategically ineffective. Finally, if this current approach is incorrect, what are some options for a more effective approach to achieve the goals of our Space Strategy that are available today or in the near future.

Identity and Access Management Strategy at DIA

Date: Monday, August 19
Time: 1500 – 1600
Location: Room 24
Speakers: James Kirkley, DIA; Zebulon Griggs (CTR) DIA

Session Description:
How do we know who is on the networks and what they have access to? How do we, as an agency, keep it all in check? From cutting edge technology to securing our identities, let discuss it.

Unraveling the Security Conundrum

Date: Wednesday, August 21
Time: 0830 – 0930
Location: Room 23
Speaker: Craig Gladu, DIA; Jonathan Coughlin, DIA

Session Description:
Discussion exploring the necessity of data tagging, identity management and their role in access control. Discussion of the level of risk exposure that your data has, based on the granularity of the metadata associated with it. Discussions of the benefits and deficiencies of relating classification at the folder-level compared to the file or element level. Once a strategy has been determined, what are common pitfalls during data-tagging implementation and managing datasets? Discussion on processes, policies, methodologies and means for sharing of data within the enterprise. This will include the options available for automated and manual capabilities for data transfer internal and external to the enterprise; discussion of approval authorities, the appropriate data transfer methods and protection requirements for data-in-transit. Discussion of the role of removable media in methodologies for data creation, handling, destruction, accountability, and data-transfer footprint reduction.

DoD SAP IT Roadmap and How It Enables Communications with the IC Partners

Date: Monday, August 19
Time: 1300 – 1400
Location: Room 23
Speaker: Kenneth Bowen, DoD

Session Description:
The Office of the DoD CIO for Special Programs is paving change in the Special Access Information Technology community. Following the footsteps of the Intelligence Community, the DoD Special Access Community is shifting to commercial cloud solutions to enable faster mission application hosting. The shift to the cloud will also enable easier collaboration and communication between the SAP Community and the Defense Industrial Base partners and the Intelligence Community. This breakout session will provide updates to the ICON project, creating a PL3 reference architecture to connect to the industry partners; Identity Credentialing and Access Management (ICAM); Fences, and Data Comingling.

Data for the Intelligence Community Enterprise (DICE) II

Date: Wednesday, August 21
Time: 0830 – 0930
Location: Room 22
Speaker: Bryan Lane, AUGR LLC; ODNI

Session Description:
Data for the Intelligence community Enterprise (DICE) II is an analytic effort led by ODNI Systems & Resource Analysis that looks at data discovery, access, and use on the UNCLASSIFIED and SECRET security fabrics. This is a follow on effort to the DICE I Major Issue Study (MIS) that focused on discovery, access, and use on the TOP SECRET fabric. This breakout session will recap the findings of DICE I and the subsequent scoping of DICE II as an analytic effort. The DICE II team will discuss how leveraging use case development methods can identify additional challenges to discovery, access, and use of data across the IC when considering the added complexities of operating across multiple security fabrics. Each use case showcased the importance of interdependent, multi-fabric data services that enable authentication and authorization, digital enforcement of entitlements, cross-domain solutions, data discovery, and reliable audit capabilities. The use cases were completed with surveys and interviews from data managers, end users, and agency Chief Data Officers.

Two-thirds of Organizational Changes Fail. Are You Next?

Date: Tuesday, August 20
Time: 1400 – 1500
Location: Room 20
Speakers: Ian Fowlie, DIA; Christina Dance, DIA; Mario Contreras, JSOC; Anthony Howell, CENTCOM; Dennis Barnabe, NSA

Session Description:
The DIA’s CIO is conducting a call-to-action and soliciting best practices about the challenges of organizational transformation in a government environment. As the CIO strives to better serve the warfighter as the disruption of the digital revolution presents an increasing existential threat, one resounding fact has become clear: developing a culture that embraces change and agility is hard. Whether it is a result of funding, resources, budget, talent, or buy-in, cultivating corporate ethos of change can be incredibly difficult. CIO’s leaders have recognized the importance of addressing its current culture, and developing a workforce appetite that not only buys-in and embraces these shifts, but desires to be at the forefront of tackling new technologies and processes. To gain insights on common pain points and identify solutions for these entrenched challenges, DIA CIO will facilitate a panel discussion of DIA/DoD mission partners and attending members, who have successfully led the charge on transformation in similar environments.

Robotics Process Automation Supporting DIA

IC Security Coordination Center – The Federal Cybersecurity Center Defending the IC

Date: Wednesday, August 21
Time: 1030 – 1130
Location: Room 25
Speakers: Wallace Coggins, ODNI; Christopher Keller, DIA

Session Description:
The IC SCC, a joint ODNI – DIA operation, is the Federal Cybersecurity Center for the IC which coordinates the integrated defense of IC ITE and the IC Information Environment (IC IE) with IC elements, DoD, and other U.S. Government departments and agencies. The IC SCC facilitates accelerated detection and mitigation of security threats across the Intelligence Community by providing situational awareness, and incident case management within the shared IT environment. Additionally, the IC SCC monitors and coordinates the integrated defense of the greater IC Information Environment (IC IE). These capabilities support the security protections necessary to defend against threats to the IC and coordinate operational responses across the Federal Government.

Make it Real: Operationalize the Architecture

Date: Tuesday, August 20
Time: 1400 – 1500
Location: Room 25
Speakers: Cynthia Mendoza, ODNI; Gil Anderson, NSA

Session Description:
The IC Reference Architecture Framework (RAF) defines a consistent, repeatable, and verifiable process for developing and applying RAs in the IC. The key aspect of what makes the RAF different from traditional RA activities is that the RAF is more than a static RA document; it includes the processes, the collaboration, the guidance, the compliance assessments, and most importantly, the operations of IC solutions. The biggest difference between historical RA-driven efforts in the IC and the IC RAF is the full commitment to ensure RAs do not simply become a documentation effort (“shelf-ware”). The RAF involves the deliberate process for not only documenting the architecture, but more importantly, the persistent assurance to ensure operational compliance for all IC Agencies.

Applying Lean IT Principles

Date: Monday, August 19
Time: 1500-1600
Location: Room 19
Speakers: William Hancock, DIA; Anthony Kuhn, DIA

Session Description:
The complex field of information technology demands modern approaches to designing, building, and deploying new software and services. This demand is the driving force behind CIO development practices and processes as applying Lean IT principles can help organizations achieve better productivity. In this brief we will discuss the current state of Lean IT in CIO, as it applies to our innovation pipeline, and focus on the future.

IC ITE Epoch 3: Advancing IT Infrastructure to Enable Key Technologies

Strategic Plan to Advocate Cloud Computing in the IC

Date: Tuesday, August 20
Time: 1600 – 1700
Location: Room 25
Speakers:

Session Description:

Improving Cybersecurity for the IC Information Environment

Date: Monday, August 19
Time: 1500 – 1600
Location: Room 25
Speakers: Sue Dorr, ODNI; Wallace Coggins, ODNI

Session Description:
Safeguarding the Intelligence Community Information Environment (IC IE) is of utmost importance and remains a significant component of the National Intelligence Strategy. All 17 elements of the IC are responsible for taking proactive measures to secure and defend all intelligence-related enterprise, mission, and business information technology to the degree necessary to protect our people and the data that is so vital to performing our intelligence mission. In February 2018, the Principal Deputy Director for National Intelligence commissioned the development of the Improving Cybersecurity for the Intelligence Community Information Environment Implementation Plan to identify the most critical cybersecurity functions and tasks requiring attention; to raise awareness of IC element roles and responsibilities; and to foster ongoing conversation about enterprise security risks and the needed balance of investment and sustainment to mature the IC IE safeguarding posture. The plan was published in the Spring of 2019, but IC element leadership agreed to begin working on multiple high-priority tasks in mid-2018, such as performing comprehensive asset inventories, maturing vulnerability management processes, and providing automated situational awareness reports to the Intelligence Community Security Coordination Center. To keep IC senior leadership informed of progress towards achieving safeguarding objectives, the IC CIO collaborated with IC element representatives to establish an outcome-based IC IE Cybersecurity Performance Evaluation Model that kicked off in July 2019. Come learn how we all can contribute to improving cybersecurity for the IC IE.

Cross Domain Enterprise Service (CDES) Capabilities Overview

Date: Wednesday, August 21
Time: 1030 – 1130
Location: Room 18
Speakers: David Kim, DISA; Quang Trinh, DISA; Whitney Tso, DISA; Douglas Young, DISA

Session Description:
This session will discuss DISA’s Enterprise Cross Domain initiatives, CDES Portfolio, current and future capabilities (FY19-25), CDES Cost Models, CDES project lifecycle, and the benefits of joining the CDES.

Countering Asymmetric Threats with Machine Learning-enabled COTS Tools

Date: Monday, August 19
Time: 1500 – 1600
Location: Room 17
Speaker: Jason Chung, Premise Data Corp.

Session Description:
Quickly-changing dynamics on the ground, particularly in complex operational environments (OEs), challenge DIA’s ability to provide military intelligence to warfighters, defense policymakers, and force planners. Our toughest challenges today are in the “grey zone” between war and peace, where our military is sub-optimized both conceptually and organizationally. Intelligence operations and data collection gaps are symptoms of this larger problem.

Countering grey zone tactics and maintaining our advantage in an era of hyper-competition and asymmetric threats requires a paradigm shift. New methods to collect data and information to understand these nuanced environments must account for local sentiment and how competitors and adversaries are influencing populations with new digitally-enabled instruments of national power. We must adapt and evolve to address the challenges of persistence, authorities and policies, access to denied and semi-denied environments, scale, cost, speed/agility, timeliness, and relevance.

Premise is a completely unique, fundamentally new ISR capability that delivers persistent, non-provocative access to any OE with scale, agility, and speed. Premise transforms any individual with a smartphone into a human sensor (more than 600,000 online today) that is dynamically taskable/re-taskable in near real-time. Premise validates submissions using machine learning modules (Python) for data quality control, providing a decision advantage in dynamic, complex OEs. Response outputs and data visualizations are available through the user interface or can be easily integrated directly into existing DIA enterprise software systems like DCGS or other Joint C5ISR systems available in today’s and future OEs.

CloudTracker: A Multicloud Success Story

Date: Wednesday, August 21
Time: 1030 – 1130
Location: Room 24
Speakers: Cletus Dailey, DIA; Jeremy Glesner (CTR), DIA

Session Description:
Cloud computing has evolved from a niche service to a full-blown industry that caters to every conceivable business. With the growth of cloud computing, organizations find themselves using more than one cloud provider. DIA’s CloudTracker is a flagship example of building cloud-agnostic applications that are able to take advantage of features and services from multiple cloud environments.

Advanced Analytics, Deep Learning, and Artificial Intelligence (AADLAI)

Date: Monday, August 19
Time: 1600 – 1700
Location: Room 21
Speaker: Christopher Sutton, DIA; Randy Gladish, DIA

Session Description:
DIA CIO CTO will develop a detection, discovery, and cueing system using a variety of techniques to include machine-learning methodologies. The system will discover semantically similar and disaggregated data across disparate Intelligence databases. Current DIA mission impediments will be significantly reduced with the implementation of new data traversing capabilities: stream and bulk ingestion, differentiation on traditional and non-traditional data, and data discovery. The ability to parse & bin intelligence data, leveraging machine learning, using the latest commercially available technologies will be a significant force multiplier in the mission of DIA. The system will portray foundational data layers and depict mission sets upon aggregation and integration of various file formats, feeds, and functions (i.e. shape files, unstructured data, semi-structured data, etc.), and deliver just-in-time data to analysists, operators and decision-makers. The system will use machine-learning tools and new computing paradigms to discover, define and aggregate, and deliver data-analytic products, with high confidence, while closing gaps that currently exist between limited personnel and time constraints.

Advanced Analytics, Automation and Artificial Intelligence (A4) Program Overview

Date: Wednesday, August 21
Time: 0830 – 0930
Location: Room 18
Speaker: Sheri Wolfrom, DIA

Session Description:
Present an A4 program overview. An A4 overview would include the foundational infrastructure services along with a suite of capabilities to expose, enable, and create DIA advanced analytics, automation techniques, and artificial intelligence algorithms. In addition, we present the A4 collaboration portal and data science development environment to synchronize efforts and create data analytic efficiencies.

Establishing RMF in a Cloud Environment, an Inherited Security Control Model

Date: Tuesday, August 20
Time: 1400 – 1500
Location: Room 24
Speaker: Matthew Thompson, U.S. Army

Session Description:
Effective risk management is a constant challenge for elements across the DoD and IC that is further complicated by commercial cloud service offerings due to rapid and continual technology insertion. By using the foundational C2S shared security model and establishing baseline security controls under a common control provider (CCP), the complexity of implementing Risk Management Framework (RMF) across an enterprise can be dramatically reduced. An Army Military Intelligence (MI) Cloud CCP model has been implemented that delivers these controls to Army MI tenant organizations facilitating efficient and secure cloud adoption. By doing so, tenant organizations and capability owners are responsible for a significantly reduced control set through sharing and inheritance. Additionally, Army is working on a reciprocity model which allows the Army MI AO to accredit across all three security fabrics for C2S offerings, engaging with Army to expedite authority to connect (ATC) for cloud-based capabilities designed to be delivered to forward disadvantaged areas.

IC Enterprise Auditing on JWICS

Date: Wednesday, August 21
Time: 1030 – 1130
Location: Room 19
Speaker: Bret Kapinus, DIA; Fernand Pecot, DIA

Session Description:
The audit data routing capability is an on-going requirement intended to be an operational system providing near continuous, near real-time data services for the agency. Discussions will focus on JWICS audit collection and distribution requirements for Community Shared Resources (CSRs) as outlined in the Intelligence Community Standard (ICS) 500-27. This session will outline how DIA provides mentoring and technical coordination to ensure collections are performed and managed over time to maintain currency with changing community requirements by providing technical guidance and sharing engineering “best practices”, as applicable. Provide guidance on how best to plan/program the ICS 500-27 mandate into the requirements process and how to implement auditing requirement’s into existing applications.

IC Chief Data Officer Panel

Date: Wednesday, August 21
Time: 0830 – 0930
Location: Room 25
Speakers: David Salvagnini, DIA; Nancy Morgan, IC CDO; Michael Conlin, DoD CDO; John Turner, DoD

Session Description:
Intelligence agencies are racing to grapple with the exponential volume, variety, and velocity of data to provide analysts, operators, decision makers, and policy makers with timely and accurate information. Harnessing and exploiting these vast quantities of data is crucial to maintaining strategic advantage and ensuring mission success. IC agencies are collaborating closely on a host of initiatives to develop strategies, policies, and tools to build a data foundation to drive future technologies. With an IC data strategy driving community goals, an IC data catalog established to facilitate secure discovery and sharing, and data services being developed and deployed, where are we on our journey toward data dominance?

Join the IC CDO Nancy Morgan, DoD CDO Michael Conlin, and IC element Chief Data Officers for a panel discussion highlighting IC and DoD integration to enable the goal of a data centric enterprise supporting secure discovery, access, and sharing of information. Hear IC and DoD perspectives on today’s data environment and steps being taken to address modern data challenges. Participants will gain valuable insight into how individual agencies are working collectively to break down barriers to secure data discovery and sharing, and harnessing insights from collaboration efforts. This session will feature a question and answer segment to allow engagement with conference attendees.

Unleashing the Power of Data Science

Date: Wednesday, August 21
Time: 1030 – 1130
Location: Room 20
Speaker: Prem Saggar, DIA

Session Description:
The exponential increase in the volume, velocity, and variety of data provides intelligence agencies with a wealth of advantages to extract greater amounts of information and generate knowledge to thwart our adversaries. However, this expansive data environment also presents serious challenges to fully comprehend and scrutinize our data assets to draw meaning and actionable intelligence. Gone are the days of hiring throngs of analysts to pour over each piece of information looking for clues. Succeeding in today’s data environment requires the successful development and deployment of a robust data science practice to harness the potential of big data.

Join DIA’s Chief Data Office for a collaborative discussion about DIA’s emerging data science practice, our ongoing data challenges, and how data science can be leveraged to empower DIA’s data future. CDO technical experts will provide an overview of data science in action and why the role of data scientist, and what that means, is more important than ever. CDO will discuss the power of big data and machine learning, and how specific examples offer a roadmap for future innovation across the IC. CDO presenters look forward to a wide-ranging discussion with the audience at the data science session.

DoD Cybersecurity Analysis Framework

Date: Wednesday, August 21
Time: 0830 – 0930
Location: Room 20
Speaker: John David McPeak, UCDMO

Session Description:
The DOD and NSA are leveraging the DODCAR Cybersecurity Framework to enhance information sharing across stakeholder communities. The DODCAR framework has been termed a “Rosetta Stone” to help translate the actual cybersecurity threats seen on networks into meaningful language for IT System Security Engineers and Acquisition Specialists responsible for designing and/or procuring more robust information environments.

Program Executive Office and Contracting Branch Supporting the CIO Discussion of Upcoming Requirements

Date: Wednesday, August 21
Time: 0830 – 0930
Location: Room 21
Speakers: Esther Woods, DIA; Edward Lane, DIA

Session Description:
This session will provide the PEO and Contracting Officers overview and discussion of upcoming requirements, as well as provide an opportunity for industry to interact with the PEO and the lead Contracting Officer that supports the DIA CIO. This breakout session will offer industry a chance to ask questions about the new PEO structure and upcoming procurements.

Improving Cross Domain Security Through Raising The Bar

Date: Wednesday, August 21
Time: 0830 – 0930
Location: Room 24
Speakers: James Borders, NSA-NCDSMO; Dorian Pappas, NSA

Session Description:
This session will cover the changing landscape in Cross Domain Solution (CDS) requirements in the quest to combat the increasing frequency and effectiveness of cyberattacks. NSA and the National Cross Domain Strategy & Management Office (NCDSMO) have launched an initiative sanctioned by the DoD CIO to Raise the Bar (RTB) that CDS products must reach in order to thwart these attacks. This presentation will provide an overview of the Raise the Bar (RTB) Strategy and the RTB Requirements for CDS Design and Implementation, changes to the NCDSMO Lab Based Security Assessment (LBSA) process, various US Gov CDS policy changes, and the changes to the NCDSMO Baseline process.

Adopting Artificial Intelligence to Transform the IC

Date: Tuesday, August 20
Time: 1600 – 1700
Location: Room 21
Speaker: Michael McCabe, DIA

Session Description:
Artificial Intelligence and the explosion of open source data is enabling a tremendous amount of change and progress in the commercial world. This technology represents both a risk and an opportunity for the IC and we must quickly address both aspects. AI allows us to quickly gather, make sense of and act on information at machine speeds. Several entities within the US Government, the IC, and DoD are working on enabling AI. One of those groups, ODNI’s Augmenting Intelligence with Machines (AIM) Initiative is concentrating on taking advantage of these advances of the IC. AIM has recognized that the IC has legal, policy, cultural, and structural challenges that need to be addressed. This briefing will discuss some of the opportunities and strategies for addressing these hurdles. It will share some of the unclassified concepts and strategies with the DoDIIS Enterprise.

Risk Management Framework – Zero to ATO as Fast as You Can Go

Date: Tuesday, August 20
Time: 1600 – 1700
Location: Room 20
Speakers: Cove Binion, DIA; John Lundgren, DIA

Session Description:
Over the past year, DIA has made several changes to the DIA RMF Process, among them are clarification for assessing authorized IS undergoing changes, a new DevSecOps Process, a new Application Assessment Process (AAP) replacing the Scan After Deploy (SAD) process, a new Privacy Assessment Process, a new Applying Reciprocity Process, and newly-developed Critical Control Lists (CCL) to guide assessments and continuous monitoring. The proposed briefing would cover these unclassified processes and assist Information System Owners in navigating the new processes.

CIO Governance Updates, Focusing on Future Partnering, Planning and Streamlined Execution to Meet Mission Partner Needs

Date: Tuesday, August 20
Time: 1400 – 1500
Location: Room 21
Speakers: Nicholas La Pietra, DIA; John Pistolessi, DIA

Session Description:
This presentation will provide an overview of the new CIO Governance decision framework, high level processes, and roles/expectations of all participants. Focus will be on successful planning for future requirements to drive the Planning, Programming, Budgeting, and Execution processes.

Using the DIA Platform and Cloud to Achieve Resiliency

Date: Tuesday, August 20
Time: 1400 – 1500
Location: Room 22
Speakers: Villa Sara, DIA; Joseph Kinzler, DIA

Session Description:
Today’s computing environment demands resiliency, redundancy, and security now more than ever. All three of these are offered through the DIA Platform and cloud computing, which can be leveraged to improve application availability, scalability, and security. These can be achieved either when building a new application, migrating your app to the platform, or taking a hybrid approach.

Program Executive Office (PEO)

Date: Monday, August 19
Time: 1600 – 1700
Location: Room 20
Speaker: John Pistolessi, DIA

Session Description:
The CIO PEO has been chartered to align acquisition strategies to the CIO Strategic Priorities, and oversee acquisition of systems, programs, and capabilities to enhance modernization efforts in support of stakeholders, executive decision makers, and the acquisition workforce within CIO. The PEO acts as the Acquisition advisor to the CIO for coordination and oversight of approved information technology (IT) acquisition programs and procurement activities. The PEO is working to provide advice on innovative acquisition opportunities and methods for acquiring IT. The PEO also works to improve development of acquisition requirements documentation, e.g., Statements of Work. The purpose of this breakout session will be threefold:

1. Expose industry and other mission partners to CIO’s investment management process;
2. Identify potential for new technology areas and markets.
3. Engage industry in dialogue for enhancing relationships and improving acquisition documentation.

Advancing DIA Information Technology Readiness

Date: Monday, August 19
Time: 1300 – 1400
Location: Room 20
Speakers: Capt Arianna Niro, DIA; Capt Jeffrey Guion, DIA

Session Description:
IT is the weapons system for much of the intelligence community, who depend on classified networks to securely collect, report, and analyze intelligence. This session touches on the mission of the DIA IT Operations Center (ITOC): 24 x 7 command & control of IT operations and cyber defense incidents to ensure intelligence systems remain functional in support of the global DoD/IC. It will then explore ITOC initiatives to address challenges in troubleshooting, and rapidly resolving major DIA IT outages. Focus areas include: improvements to monitoring & visualization of systems, data-driven trend analysis of outages, enhancing customer collaboration with the Help Desk, cross-agency coordination, and developing our workforce.

Understanding JCAP

Date: Monday, August 19
Time: 1600-1700
Location: Room 17
Speaker: Christopher Pfennig, DIA

Session Description:
Customer focused UNCLASS discussion on background and procedures for obtaining JCAP ATC for JWICS and Directors interest in ensuring JWICS resiliency through increased focused on connection standards and accountability.

Cyberscience - The Future of Data Science in the Security World

Date: Monday, August 19
Time: 1500 – 1600
Location: Room 23
Speakers: Prem Saggar, DIA; Jon Benedict, DIA

Session Description:
Agencies are rapidly modernizing their Continuous Monitoring and Cyber Alerting capabilities through Data Science. Moreover, as robust and scalable Data Science platforms are further commoditized by cloud providers, agency Cybersecurity Programs will spend less time implementing and maintaining complex data science platforms and more time improving the IA and Cybersecurity Mission by leveraging managed data science services to add new cybersecurity data sets, business rules, alerts, and dashboards. The Cyberscience field merges the skills of Data Engineers, Data Scientists, and Visualization Engineers with Cybersecurity Experts in IT Security, IA Compliance, Vulnerability Management, and Active Cyber Defense to provide a near real-time risk pictures for Cybersecurity Executives and Information Security Professionals alike.

Securing DoDIIS; Creating a New Culture of Cyber Security as the Foundation for CIO IT Enterprise Services

SABLE SPEAR: Using Artificial Intelligence to Confront the Opioid Crisis

Date: Monday, August 19
Time: 1500-1600
Location: Room 22
Speaker: Brian Drake, DIA

Session Description:
This presentation will share results of the SABLE SPEAR program. Fentanyl kills approximately 24,000 Americans every year. This is equivalent to an airliner falling out of the sky every day. The White House designated the threat of fentanyl as a national health emergency. As part of DIA’s support to defense elements in the counternarcotics mission, the Americas Regional Center (AMRC) commissioned SABLE SPEAR. SABLE SPEAR is a mass data analytics effort using open sources and machine learning to understand the synthetic opioid supply chain from “nature to needle.” SABLE SPEAR ingests large datasets residing on the Internet, looks for indicators of illegal or suspicious activity, and surfaces military, diplomatic, and law enforcement opportunities to abate the threat.

ICAM - The Digital Enabler: Providing Authorized Users Access When and Where They Need It

Date: Monday, August 19
Time: 1600 – 1700
Location: Room 25
Speaker: Ian Stewart, NSA

Session Description:
The National Security Agency (NSA) Identity Credentials and Access Management (ICAM) program’s Technical Director will lead a technical discussion of the NSA’s ICAM approaches, for leveraging identities, credentials and authorizations to manage the access to data, services and resources. ICAM is foundational to ensuring the integrity of any information-sharing environment. With the evolution of virtual and cloud based technologies, data and resource sharing between man different service providers, organization and end customers, has become the standard occurrence. Consistencies between all components of the environment with identifying individuals, managing authorizations and controlling each access, is essential to protecting vital data and resources. The discussion will cover tools, policies, and systems that allow an organization to manage, monitor, and secure access to protected resources, as well as disciplines for establishing trust and interoperability between groups and organizations that want to share information.

Data for the Mission: Managing the Delivery Without Slowing the Flow

Date: Monday, August 19
Time: 1500 – 1600
Location: Room 20
Speakers: Vickie Paytas, NSA; Tracy D. Fisher, NSA; Mark Woodcock, NSA; Najah McDonald, NSA

Session Description:
The National Security Agency (NSA) will cover end-to-end data lifecycle management and will lead a panel discussion that addresses cross-provider synchronization and coordination to deliver information to support multiple missions. Data is the core to every mission activity. The volume of data created around the world doubles in size every two years and the ability to consume the data at that growing rate mandates the need for smarter data analysis and management. The ODNI Chief Data Office has referred to data as an “IC Asset”. The NSA representatives will discuss some of these key methodologies and approaches to manage different types of IC data sets to allow ingestion and discovery within the IC-GovCloud. Managing IC data requires bringing together the expertise of the different services (e.g., policy and strategy, data conditioning, data tagging, data ingest, identity and access, hosting and compute, and discovery) to establish standard, consistent and interoperable, but flexible processes to support the various mission needs, while maintaining the security and integrity of IC data.

Changing the Paradigm: The Emergence of Open Source Intelligence as a Foundational Layer for Analysis

Cybersecurity Maturity Model Certification

Date: Wednesday, August 21
Time: 0830 – 0930 and 1030 – 1130 (Repeat)
Location: Room 17
Speaker: Katie Arrington, DoD

Session Description:
The Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD(A&S)) recognizes that security is foundational to acquisition and should not be traded along with cost, schedule, and performance. The Department is actively working with the Defense Industrial Base (DIB) to enhance the protection of controlled unclassified information (CUI) within the supply chain.

As part of this effort, OUSD(A&S) is collaborating with DoD stakeholders, University Affiliated Research Centers (UARCs), Federally Funded Research and Development Centers (FFRDC), and industry to develop the Cybersecurity Maturity Model Certification (CMMC).

The CMMC will combine various cybersecurity standards, controls, and best practices to create levels ranging from basic cyber hygiene to advanced. Once implemented, the CMMC will reduce risk against a specific set of cyber threats.

The CMMC builds upon existing regulations and control frameworks while adding a verification component with respect to cybersecurity requirements.

The goal is for CMMC to be cost-effective and affordable for small businesses to implement.

Certified, independent, 3rd party organizations will conduct audits and inform risk.

Implementing Artificial Intelligence within the IC

Using Adversarial Reconnaissance to Address Third-party Supplier Cybersecurity Gaps

A Graph Approach to All-Source Analysis and Targeting

Exhibit Hall/Networking Break

Location: Tampa Convention Center – Central and East Halls – 3rd Floor

Visit the Exhibit Hall to check out 300+ innovative technology solutions! The Exhibit Hall is also a great place to find snacks and refreshments for a quick pick-me-up in between sessions.