Presented by: Dr. Matthew Johnson, CDAO; CDR Michael Hanna, ONI
The Deputy Secretary of Defense has said that Responsible AI is how we will win with regard to strategic competition, ‘not in spite of our values, but because of them’…but what does this actually mean? This presentation introduces the DoD’s work to operationalize this approach, showing how Responsible AI sustains our tactical edge. The presentation provides a deep dive into a key piece of the DoD’s approach to Responsible AI: the Responsible AI Toolkit. The Toolkit is a voluntary process through which AI projects can identify, track, and mitigate RAI-related issues (and capitalize on RAI-related opportunities for innovation) via the use of tailorable and modular assessments, tools, and artifacts. The Toolkit rests on the twin pillars of the SHIELD Assessment and the Defense AI Guide on Risk (DAGR), which holistically address AI risk. The Toolkit enables risk management, traceability, and assurance of responsible AI practice, development, and use.
Presented by: Mr. Bharat Patel, Army PEO IEW&S
To achieve its AI development goals, the DoD needs to partner with industry and academia in a manner that it has not before. This requires a match of innovation spaces (Industry) to deliver AI models to DoD mission spaces. There are technical challenges here, but also acquisition and policy challenges as we need a new model for interacting to make this a reality.
Moderator: Ms. Jennifer Hay, DDS
Panelists: Ms. Erika Bauer, DDS; Mr. Aaron Salmon, DDS; Ms. Rebecca Cellarius, DDS
Technology is not automatically accepted by users if it is difficult or confusing to interface with. DDS will discuss the concepts behind a superior user experience research and design process that enables increased adoption of new technologies like data analytics and AI.
Moderator: Dr. Craig Martell, CDAO
Panelists:: Mr. Duncan McCaskill, Navy; Mr. David Markowitz, Army; Mr. George Forbes, USAF
Panel discussion, led by Dr Martel with the MILDEP CDOs, regarding the service perspectives and operational approaches.
Moderator: Ms. Raffianne Doyle, CDAO
Speakers: Dr. Rob Liu, Navy; Mr. Daniel Andrew, Army
This session will provide an overview of the data integration layer (DIL), including the purpose in providing ubiquitous access to DoD data and the necessary cultural, procedural and technical change that has to occur to achieve it.
Moderator: Mr. Peter Teague, CDAO
Panelists: Mr. Jon Elliott, CDAO; Dr. Shannon Gallagher, CMU SEI; Dr. Catherine Crawford, IBM, Mr. Shiraz Zaman, Nand AI
A key problem with leveraging AI is understanding how it will integrate with existing workflows. I push this notion of understanding human parity in a given task so that we know what to expect when the model is deployed – i.e., we have performance parameters determined. However, with comprehensive capabilities, like LLMs, there may be multiple steps in a workflow that get replaced and we need to understand the impact of this.
Moderator: Ms. Rebecca King, CDAO
Panelists: Ms. Rachel Martin, NGA; Dr. Amy Soller, AI Lead for Capabilities at the DoD; Mr. Ramesh Menon, DIA
The DoD Combat Support Agencies work across boundaries to support both the IC and Warfighters. This talk will provide a high-level overview of the current challenges Combat Support Agencies face to achieving decision advantage.
Moderator: Ms. Jinyoung Englund, CDAO
Panelists: Mr. William Chan, CDAO; Ms. Katya Volkovska, CDAO; Mr. Jon Elliott, CDAO; LtCol Pedro Ortiz, PhD, U.S. Marine
How do we get to a data-driven and AI-enabled Department? How do we ensure our warfighters are enabled to successfully deter in any domain, and if necessary, decisively win in any conflict? Discover how shared investments can unlock economies of scale as we drive towards a collaborative data empowerment for a more responsible, inclusive, and efficient AI landscape.
Presented by: Dr. Michael Foster, USCENTCOM
Mission Command applications are the class of software products that allow automation of Battle Management, Command and Control functions for Strategic and Operational commanders. This session will highlight the capability of the currently fielded applications and identify where gaps exist in the process.
Presented by: Ms. Hillary Jett, CDAO; Mr. Jackson Perry, CDAO; Mr. Mitchell Fiedler, CDAO
As CDAO looks ahead, it discusses the strategy, opportunities and challenges for enabling the DoD to become more self-sufficient in solving their own data and analytic needs. Learn more about how CDAO intends to partner with customers to ensure they are connected to the full suite of CDAO service offerings that meet their needs.
Moderator: LtCol Jeffrey Wong, CDAO
Panelists: Dr. Kathleen Fisher, DARPA; Dr. Andrew Moore, Lovelace AI; Mr. Peter Guerra, Oracle
The rise of LLMs over the past year has accelerated the development of AI and educated the public about the potential of this powerful technology. It has also flagged some of the problems inherent in complex, data-centric systems, to the point where many noted data scientists have questioned the wisdom of progressing too fast. What have LLMs taught us about the future of AI? How does this technology change the trajectory or expectation of new technology development?
Moderator: Dr. Diana Gehlhaus, Special Competitive Studies Project
Panelists: Ms. Jennifer Schofield, DAIM; Rear Adm. Alexis Walker, NRC; MajGen William Bowers, MCRC
The question is not whether DoD needs digital talent, but rather how to get it, grow it, keep it—and how to use it most effectively. We’ll discuss the challenges facing DoD, including those systemic to the entire tech ecosystem, as well as those unique to DoD. We’ll explore ideas for addressing these challenges, and debate their pros, cons, and feasibility. There is no easy answer, but we’ll come away with a better sense of the options and trade space available to DoD.
Moderator: Mr. Brynt Parmeter, OUSD-P&R
Panelists: Mr. Michael Brasseur, Saab; Mr. Thom Kenney, Google; Mr. Mike Mattarock, CMUSEI; LTC Michael Michell, AI2C
Attracting and retaining skilled professionals proficient in AI has become a critical challenge for organizations worldwide. This panel will examine the strategies, insights, and innovative approaches drawn from industry experiences to effectively recruit and retain AI talent. We will explore case studies, best practices, and lessons learned from leading companies that have successfully navigated the complexities of talent acquisition and retention in the dynamic landscape of AI.
Moderator: Dr. Bill Streilein, CDAO
Panelists: Dr. Matthew Turek, DARPA; Dr. Nikhil Krishnan, C3 AI
The military’s and intelligence community’s experimental divisions will discuss where development of data, AI, and analytics will take us next.
Moderator: Dr. Abby Fanlo, CDAO
Panelists: Dr. David Barnes, Army; Mr. Bryce Goodman, DIU; Ms. Michaela Mesquite, ODNI
In 2020, the DoD became the world’s first military to adopt AI Ethical Principles, and the same year, the IC adopted its Principles of AI Ethics. But how are the DoD and IC putting these high level principles into practice, throughout their various operations and throughout the AI lifecycle? This panel will explore that question, through discussions with DoD components, including CDAO, Army, and the Defense Innovation Unit, as well as ODNI.
Presented by: Col Matthew “Nomad” Strohmeyer, CDAO
This session will discuss “Accelerating CJADC2 Through Experimentation.”
Moderator: Dr. Abby Fanlo, CDAO
Panelists: Mr. Neeraj Chandra, USAF; Dr. Billie Rinaldi, Microsoft
Discussion of the ethical challenges associated with developing and using LLMs in the national security context, including concerns related to bias, hallucination, and interpretability, and how those challenges differ from ethical challenges associated with traditional AI. The session will also touch on opportunities for industry and government to work together to advance the ethical use of LLMs.
Presented by: Mr. Andrew Brooks, CDAO; Ms. Rachel Rajaseelan, CDAO; Ms. Heather MacDonald, Deloitte; Dr. Stuart Battersby, Chatterbox Labs
CDAO is developing a number of tools included in the RAI Toolkit in order to provide Enterprise users custom solutions for developing and employing AI in a responsible and ethical manner. This workshop will give attendees a detailed look into several of these tools–including Data and Model Cards, the AI Model Insights (AIMI) platform, and Executive Dashboards–so they can see how they work and how they could be incorporated into future workflows.
Presented by: Dr. Celso de Melo, IPB
This talk will highlight research challenges cutting across Army, Navy, and Air Force use cases for large pre-trained models. These include research on multimodal models, knowledge distillation for deployment at the edge, continual learning, model composition, advanced reasoning capability, among others. We will also argue for a multi-tiered DoD compute infrastructure for AI R&D.
Presented by: Dr. Kimberly Sablon, OUSD(R&E)
In an effort to address disparate silo’d activities across the S&T community and help innovation to surmount the technology ‘valley of death’, OUSD R&E has begun to establish community hubs for researchers to work together on key mission challenges in a collaborative way. This talk will provide an overview the vision behind the R&E modality and domain hubs and provide status on their instantiation progress.
Presented by: Mr. Jon Elliott, CDAO
CDAO will share their lessons learned from testing critical AI systems, such as the measurement of data drift, testing of AI integration with legacy systems, and continuous testing. They will also provide with their insights on AI test and evaluation moving forward, including avenues for industry and DoD collaboration.
Moderator: Mr. David Jin, CDAO
Panelists: Dr. Beat Buesser, IBM; Dr. Nathan VanHoudnos, CMU SEI; Mr. Alvaro Velasquez, DARPA
As DoD systems become integrated with AI and autonomy capabilities, the question of novel attack surfaces and vulnerabilities arises. While adversarial AI has become a topic of great interest in recent years, much of the existing work within the field of adversarial AI has been done within academia and research.
This panel discussion will bring together DoD adversarial AI experts to discuss the realistic application of adversarial AI on the DoD’s AI-enabled capabilities.
Presented by: Mr. Jackson Perry, CDAO; MAJ Alexander Kline, CDAO; COL Sean McGee, Joint Staff J35
Join CDAO on a journey through the past, present and future goals of how to use data and analytic products to support incidents around the world.
Presented by: Ms. Rebecca Norfolk, CDAO; Dr. Jennifer Cowley, CDAO; Ms. Annaelizabeth Nichols, CDAO
Small businesses often find doing business with the DoD to be difficult and not conducive to their business models. CDAO is revolutionizing how the Department of Defense is engaging with Small Business through the CDAO acquisition ecosystem and CTO’s technical engagements. The discussion will educate about the CDAO’s Small Business Innovation Research (SBIR) program and other Acquisition tools and vehicles.
Moderator: Dr. Robert Houston, CDAO
Panelists: Mr. Evan Jones, UMD ARLIS ; Mr. Yosef Razin, IDA; Ms. Amber Mills, JHU-APL
This panel emphasizes the importance of Human Systems Integration (HSI) Test and Evaluation (T&E) throughout the lifecycle of an AI-enabled system, advocating for its implementation early, often, and always. Traditional HSI T&E data is usually captured through discrete experiments, an approach not well-suited for the automated, continuous testing required for AI/ML models. The panel will discuss (1) the challenges in instrumenting HSI-relevant data capture, (2) strategies and methodologies for integrating HSI into automated, real-time testing environments, and (3) innovative measures that utilize real-time user inputs such as search queries, tone of voice, response latency, and sentiment analysis.
Presented by: Mr. Matt Knight, OpenAI
We analyze the present and future impacts of Large Language Models (LLMs) on cybersecurity and cyber operations through both theory and real-world examples. This session will explore how large language models are creating new capabilities and risks for cyber threat actors and defenders alike.
Presented by: Mr. Nick Lanham, CDAO; Lt Col Travis “Wasta” Gomez, USAF
DoD dev activities benefit from direct access to mission data during development efforts. Discussion Questions: What are models for acquiring mission data in a non-interference manor? What are the pros, cons, and best practices for supplementing or replacing mission data with synthetic data? What resources exist to host mission data in test or other dev environments?
Presented by: Mr. Danny Holtzman, CDAO
A collaborative discusion around the challenges associated with Agile authorizations and AI. Outline the opportunities and exemplars. Lead to identification of interest in in participation of a CDAO/Industry AO round table being formed to continue the collaborations.
Moderator: Ms. Margie Palmieri, CDAO
Panelists: Dr. Michael Horowitz, OSD Policy; Lieutenant Colonel Kangmin Kim, ROK Army; Commodore Rachel Singleton, UK, Head, Defence AI Centre; Military Expert 6 Wilson Zhang, Singapore, Deputy Future Systems & Technology Architect
The United States works closely with allies and partners to apply existing international rules and norms and develop a common set of understandings among nations guiding the responsible use of AI in defense. This panel provides the opportunity to promote order and stability in the midst of global technological change. The United States has been a global leader in responsible military use of AI and autonomy, with the Department of Defense championing ethical principles and policies on AI and autonomy for over a decade. Among various national and international efforts, the United States, together with 46 nations, endorsed the Political Declaration on Responsible Military Use of Artificial Intelligence and Autonomy in November 2023, providing a normative framework addressing the use of these capabilities in the military domain. Given the significance of responsible AI in defense and the importance of addressing risks and concerns globally, the internationally focused session at the Symposium will be focused on these critical global efforts to adopt and implement responsible AI in defense. This panel will provide various country perspectives on the development, adoption, and implementation of principles and good practices on responsible AI, including multilateral efforts related to the Political Declaration on the Responsible Military Use of Artificial Intelligence and Autonomy.
LLM Maturity Models
Dr. David Talby, John Snow Labs (1015-1040)
Ms. Ashley Gray, Parsons (1040-1105)
Dr. Srini Ramaswamy, iWorks (1105-1130)
Workflow/System Integration of Maturity and Community Discussion
Mr. Bill Chappell, Microsoft (1130-1155)
Workflow/System Integration of Maturity
Dr. Scott Papson, AWS
Maturity Model Validation and Use Case Exploration
Dr. Vikrant Kobla, BlueHalo (1530-1555)
Dr. Lei Yu, Expression (1555-1620)
Dr. Derek Doran, Tenet 3 (1620-1645)
This workshop is a series of industry and government presentations of selected LLM use cases. The creators will present their case and then discuss with the audience. The goal is to begin to develop acceptability criteria that will be presented on the last day of the symposium.
Presented by: Mr. Cody Ferguson, OSD; MAJ Mackenzie Cohe, DTRA; Mr. William Chan, CDAO
To maximize mission impact and ROI, the DoD needs to increase the access and exchange of data across the Components, theaters, and domains. Discussion Questions: How can DoD SMEs and industry identify the right specifications to standardize the creation and deployment of increased API endpoint services across the diversity of DoD data types and mission domains? What are best practices in creating flexible, resilient, future proofing API services? What is the right documentation and reference resources to support API services?
Moderator: Ms. Angela Cough, CDAO
Panelists: Mr. James Ryseff, RAND; Brig Gen Michael McGinley, AFRL; Dr. Gregory Bernard, NSIN
DoD needs to take a flexible approach to digital personnel, both uniformed and civilian, to take full advantage of the available digital talent pool. This conversation will explore the problem and solution spaces of building teams out of different military and civilian components.
Presented by: Ms. Rachel Murphy, CDAO; Mr. Harley Stout, CDAO; Ms. Rosemarie Hirata, ODA&M
What does it mean to have data-driven management, and how does that look in the DoD? In this session, our Business Analytics Directorate will show the capabilities of Pulse and how it has changed DoD management.
Moderator: Mr. Jon Elliot, CDAO
Panelists: Cdre Rachel Singleton, Defence AI Centre; Dr. Bill Streilein, CDAO; Dr. Andrew Moore, Lovelace AI
Discussion of the ethical challenges associated with developing and using LLMs in the national security context, including concerns related to bias, hallucination, and interpretability, and how those challenges differ from ethical challenges associated with traditional AI. The session will also touch on opportunities for industry and government to work together to advance the ethical use of LLMs.
Presented by: Mr. Alex O’Toole, CDAO; Mr. Nick Lanham, CDAO
The DoD data science community collectively and at the Component-level are lacking the appropriate access to sandbox environments and compute resources. Discussion Questions: What is an average or reasonable compute resource allocation for data science use and is there a stratification across experience levels or mission applications? What are the right specifications for data science sandbox environments and where do they exist in the DoD today? Are data science environments best allocated from onprem distributive computing clusters or cloud-based resources?
Moderator: Ms. Jennifer Hay, CDAO
Panel Members: Col Matthew “Nomad” Strohmeyer, CDAO; Col Garry “Pink” Floyd, DAF-MIT; Mr. Chris Lynch, TRMC
DoD needs to take to heart the notion that these technologies are powerful, but we are not sure how to use them. This suggests the DoD should adopt a culture of experimentation that allows exploration all the way to the edge.
Presented by: Ms. Bonnie Evangelista, CDAO; Ms. Stephanie Wilson, ACC, Rock Island; Mr. Jason Caulkins, ACC
This session provides an overview of Other Transaction Authority (OTA) mechanism available to engage small businesses in the procurement of innovative capabilities. The Tradewindai.com portal will be discussed and demonstrated to support the discussion.
Presented by: Mr. John Shulli, CDAO; Mr. Cody Ferguson, OSD
Describe how DoD intends to use the Data Mesh concept of Federated Computational Governance to govern a DoD-wide Data Mesh.
Presented by: CAPT M.X. Lugo, CDAO
LLMs are an imperfect tool that has incredible potential but also self-evident shortcomings. Leaders, Industry and scientists must weigh the benefits and risks when deciding how to use this technology. This session is a kickoff to the conference-long LLM track of the symposium and highly recommended for all LLM workshop participants.
Moderator: Ms. Jinyoung Englund, CDAO
Panelists: Lt Col Travis “Wasta” Gomez, USAF; CAPT Jeff Anderson, USN
Time is of the essence to deliver AI-enabled and data-driven decision-making capabilities to the warfighter. In order to win, the Department must adopt design thinking and agile software development methodologies. CDAO is paving the way. Hear three TED talks where AW has successfully partnered with the Services to produce use case and user-driven prototypes that inform and shape what CDAO needs to deliver as an enabler of the Department.
Moderator: Frederick Johnson
Panelists: Tom Lam, ODNI; Charles (Chuck) Bellenger, ODNI; James Long, ODNI; Mac Townsend, ODNI
The Offices of the Department of Defense (DoD) Chief Information Officer (CIO) and Director of National Intelligence (DNI) Intelligence Community (IC) CIO are working together to deliver multi cloud services from “core to edge.” This forum will explore and illuminate key community findings and recommendations aimed at accelerating collective OCONUS cloud delivery. Panel discussion will also include the most up to date information regarding ongoing joint activities.
Presenters: Sean Miles, DIA; Stephen Lee, DIA; Adam Matthews, DIA
This presentation will introduce key DIA SCRM Senior Steering Group representatives from: CIO, OCI, OGC, CFO, SEC, and SCRM-PO. Moderated by CIO-SCRM, the Steering Group will lead a practical discussion on systemic supply chain risks and comprehensive risk-assessment reporting to support timely decision-making and risk mitigations. Steering Group members will dissect policies, controls, and processes when requesting DIA Supply Chain Risk Management services. Panel membership will also include a guest external customer – who will provide their perspective on the capacity to navigate DIA SCRM services, and receive ‘DIA SCRM Certs’ to support acquisition & deployment requirements.
Presenter: Ricky Clark, NIH
In May 2021, President Biden issued an executive order to strengthen and improve America’s cybersecurity. Known as “Zero Trust” the order called for federal agencies to wall off information technology (IT) systems behind a secure network perimeter. Two years later, federal agencies are “on the clock” and actively working to integrate Zero Trust architecture into their existing IT environment.
According to a recent report from General Dynamics Information Technology (GDIT), the “Agency Guide to Zero Trust Maturity,” civilian and federal agencies are making progress toward meeting zero trust but continue to face significant challenges in implementation, such as lack of IT expertise, identifying and prioritizing needs and concerns around repairing or rebuilding existing legacy infrastructure.
With a September 2024 deadline looming for compliance, what can agencies do to ensure they are compliant in 2024.
During this session, NIH Information Technology Acquisition and Assessment Center (NITAAC) will explore the barriers agencies face in realizing zero trust and identify solutions that exist within the confines of the NITAAC Government-wide Acquisition Contracts (GWAC)s.
The session will discuss the following:
• Overview of Zero Trust
• Common barriers agencies face
• Practical solutions within the NITAAC GWACs to help overcome them
Presenter: Cory Steer, NSA
As the U.S. Government shifts towards implementing a Zero Trust framework on its information technology systems, it’s essential that ICAM systems are deployed in a robust and defensible posture. Various attacks exist for exploiting existing ICAM technologies and processes. Defining threat models and secure processes for foundational identity and authentication services is critical to support the successful implementation across DoD & IC information systems.
Presenter: John Lee, NGA
Software is key to almost every NGA mission, which means NGA must provide its developers with the best tools to build, release, and operate software securely at the speed of mission. NGA’s Common Operations Release Environment (CORE) seeks to answer that requirement by providing a shared environment with a collection of integrated development and operational services for teams inside and outside of NGA. The beginning of CORE dates back to 2016, when NGA first delivered a modern Platform-as-a-Service for teams to build on. The capabilities grew over the years. Today’s version of CORE gives software development teams a common toolset to build software more reliably, efficiently, and securely on all domains. CORE currently has seven service offerings—DevSecOps, Platform-as-a-Service, API Management, Developer Experience, Continuous Monitoring, Workflow Orchestration, and Messaging—with ML Ops coming soon. This presentation will provide an overview of CORE services and how adoption of the CORE is facilitating fulfillment of the NGA Software Way strategy, as well as give some examples of mission capabilities delivered to operations through the CORE.
Presenter: Liza Briggs, USMC
Emerging technologies rely on a workforce that understands the importance of not only improving technology but also protecting it through actions such as reporting suspicious behaviors and activities. The presentation describes individual behaviors and work culture characteristics indicative of risk and threat from trusted insiders and unpacks reporting versus non-reporting behaviors. The presentation will also address cultural change strategies to build and maintain secure cyber landscapes through deliberate and ongoing engagement with people in ways that support the protection of our rapidly emerging technology spaces.
Presenter: Vanessa Hill, DIA
The ability to keep ahead of our adversaries is only possible with the right people, with the right talent, at the right time. This breakout session will discuss CIO’s Strategic Workforce Planning effort as a strategic investment priority utilizing an integrated repository, with a dynamic user interface, facilitating access to high-quality workforce data to enable accurate forecasting and enhancing decision-making.
Presenter: Graig Baker, DISA
DISA SD43 National Gateway Branch provides a range of assured messaging and directory services to a customer community that includes the Military Services, DoD Agencies, Combatant Commands (CCMD), and Other U.S. Government Agencies (OGA) and the Intelligence Community (IC). DISA is preparing to field the Organizational Messaging Service Java Messaging Service (OMS-JMS), a cutting-edge messaging and directory support solutions and services implementing the IC Message Service (ICMS) XML standard for hi-fidelity message formatting while continuing to support legacy ACP-127/128 gateway connections to provide seamless interoperability across our customer community for the preservation of National Defense. This presentation provides the messaging community an overview of the new DISA OMS-JMS solutions and services which are to begin fielding during FY24.
Presenter: Joshua Stageburg, SolarWinds
As Department of Defense (DoD) agencies work to manage some of the most complex IT environments, some are considering self-driving operations. To achieve full autonomy, agencies must have observability of the tech stack first. In this engaging session, Joshua Stageberg, Product Management lead for SolarWinds SaaS Observability Products, will explore how and why observability is a core tenet of self-driving operations and how it can overcome challenges posed by today’s IT environments.
Presenters: Katie Kalthoff, DIA; Jonathan Abolins, DIA; Joshua Burke, DIA
DIA Platform-as-a-Service (DPaaS) is an enterprise container management platform that provides an open ecosystem to build, integrate, and enhance applications and services to meet requirements for production mission capabilities. Containerized applications hosted on DPaaS environments benefit from scalability, built-in security, hybrid-IT capabilities, and infrastructure-agnostic deployments. DPaaS enhances a developer’s ability to focus on functionality, enabling mission applications to be rapidly prototyped, deployed, and moved at the speed of mission while reducing technical overhead. DPaaS is also a leading force in DIA’s effort to provide compute and storage services at Edge locations. DPaaS enables application developers to build once and deploy everywhere, meaning to multiple networks as well as to the Edge. Edge deployments are a necessity in the era of strategic competition where warfighters and decision-makers must be able to quickly access data and applications in low-bandwidth or disconnected areas. DPaaS is pushing deployments to regional and edge locations to enable mission support while making applications easier to manage. Edge deployments allow for fewer service disruptions to forward deployed intelligence personnel and continued operations during disconnected events. This greater flexibility and ability to meet mission need will be a driving factor for greater innovation within IC application development.
Presenter: Jamie Milne, NSA
Fine-grained attribute-based access controls (ABAC) are a fundamental component of zero trust architectures. Robust data tagging is an underlying necessity for implementing an enterprise ABAC solution. The National Security Agency will share lessons learned and future goals for their “Static Tags, Dynamic Policy” approach to designing and implementing robust data tagging to support fine grain zero trust access controls.
Presenter: Charles Bellinger, NGA
As part of NGA’s greater multi-tiered edge strategy, Joint Regional Edge Nodes (JREN) and Odyssey systems—designed to facilitate the movement of critical intelligence and data sharing—are being deployed to combatant commands. JREN is an innovative, highly scalable, next-generation edge node capability providing the foundation to support Sensor to Effect (S2E) and future ground architecture with multiple cloudlike layers to enable seamless interoperability and collaboration in both connected and disconnected states. Deployed in January 2022, JREN provides significant storage, computing power, transport bandwidth, and applications closer to the tactical edge. JREN will support expanding DoD, IC, and coalition customer requirements with AOR-specific content, GEOINT/partner applications, and high-performance computing. Odyssey is a forward-deployed system that provides access to applications and theater GEOINT data hosted on local servers to support users at the edge in the event of disconnected ops. Using a combination of hardware, apps, data, and products, Odyssey deployments are available via a web browser established on theater users’ networks and connected back to NGA. This presentation will focus on design considerations such as increased resiliency in Denied, Degraded, Intermittent, and limited bandwidth (DDIL) environments via direct satellite downlink; reduced transport latency; and use of NGA’s Common Operations Release Environment to develop, deploy, and operate modern GEOINT software. This presentation will also highlight how automation, artificial intelligence, and other JREN and Odyssey services are prepared for the exponential growth in intelligence sensors and collection capabilities.
Presenter: Vanessa Hill, DIA
In today’s digital age, websites and applications have become an integral part of our daily lives and the digital landscape has transformed the way we interact with the world. However, not all users have the same abilities, and it is crucial to ensure that digital experiences are inclusive and accessible to everyone, including those with disabilities. DIA’s first-ever 508 IT Accessibility lab promotes a more inclusive and diverse digital environment, where everyone can participate and benefit from digital experiences by ensuring products are usable and accessible to all users. Come join us to learn how DIA is developing and testing capabilities, such as improved closed captioning on multiple platforms (VTC, SVTC, and DVTC) to leveraging virtual desktop to host a lightweight application that provides translation capabilities to support DIA’s multilingual Deaf and Hard of Hearing (DHH) members, and more. Incorporating accessibility testing into your digital product development process, and embracing the power of accessibility testing and training, unleashes the full potential of your digital products and creates a more inclusive digital environment for all users.
Presenters: Jonathan Abolins, DIA; Katie Kalthoff, DIA; Joshua Burke, DIA
Hybrid IT provides a solution that combines the capabilities of commercial cloud, government-owned data centers, and edge devices into one single capability. By using Hybrid IT, the Defense Intelligence Enterprise gains the flexibility to leverage the advantages of each service model to address the needs of different mission sets. A mix of cloud and on-prem provides improved disaster recovery capabilities, higher availability, and the ability to access mission-critical applications and data from anywhere, even in disconnected locations. However, hybrid and multi-cloud architectures pose unique security challenges and require a different approach than what solely on-prem environments or single clouds require. Without additional protections, we face the risk of fragmented security solutions and a decrease in threat visibility. The Defense Intelligence Agency protects enterprise and customer applications with a security service mesh which provides zero-trust enabled capabilities such as authorization and access control, network segmentation, end-to-end encryption, and continuous monitoring. The application networking layer provides baked-in security from development to production and enables threat monitoring across fragmented application networks and clouds.
Presenters: Kevin Shaw, Guidehouse; Christine Owen, Guidehouse
The Executive Order on Improving the Nation’s Cybersecurity (EO-14028) was released over two and a half years ago. While the EO rapidly accelerated programs across the federal government, we are now in a position to reflect and look to the future of Zero Trust. We will share lessons learned from real-life Zero Trust deployments (including what has worked, what hasn’t) and how organizations can and should continually evolve and adapt their program.
Presenter: Gina Scinta, Thales Trusted Cyber Technologies
Quantum computing’s impact is likely to be large—the potential computational power could render today’s encryption algorithms obsolete. Attend this session to learn how to start the transition to quantum-safe cryptography and the key factors to consider when preparing for a quantum-safe encryption strategy:
• How long-term data is subject to early attacks
• Key initiatives that address the quantum threat
• What to look for in a quantum-resistant crypto solution
• How to design a quantum resistant architecture
Presenter: Tim Wood, DIA
The Defense Intelligence Agency is developing the Machine-assisted Analytic Rapid-repository System (MARS) to transform the management and production of intelligence on foreign military capabilities. This briefing will provide an update on MARS development efforts and discuss some of the lines of effort toward full operating capability.
Presenter: Bailey Bickley, NSA
Defense Industrial Base (DIB) companies are relentlessly targeted by our adversaries, who seek to steal U.S. intellectual property, sensitive DoD information and DIB proprietary information to undermine our national security advantage and economy. NSA is working to contest these efforts by providing no-cost cybersecurity services to qualifying DIB companies. NSA’s services are designed to help protect sensitive, but unclassified, DoD information that resides on private sector networks by hardening the top exploitation vectors that foreign malicious actors are using to compromise networks.
Eradicating cybersecurity threats to the DIB is an NSA priority. NSA’s Cybersecurity Collaboration Center (CCC) provides no-cost cybersecurity solutions for qualifying DIB companies. These solutions are easily implemented and scalable to protect against the most common nation-state exploitation vectors and are designed to help protect DoD information and reduce the risk of compromise. These services include Protective DNS, attack surface management, and access to NSA non-public, DIB-specific threat intelligence. Our pilot program is evaluating additional services for release.
Hundreds of industry partners of all sizes and complexities have already signed up for NSA’s cybersecurity services, which has helped protect these networks against malicious cyber activity. The no-cost cybersecurity services have also assisted with the early identification, exposure, and remediation of multiple nation-state campaigns targeting the DIB.
Presenter: Andrew Heifetz, NGA
With the rise of Commercial Cloud Environment (C2E), programs have the potential to use services from multiple Cloud Service Providers (CSPs). Multiple CSPs can decrease cost through competition and increase innovation by providing exquisite and unique services. However, developing for a multiple cloud environment is fraught with challenges including data gravity/portability, lack of interoperability standards, multiple cloud knowledge gaps, and security accreditation. In order to address these challenges and prepare for C2E, NGA conducted several multiple cloud pilots and will share the lessons learned as well as recommendations to prepare for multiple cloud development. This presentation is important for anyone considering multiple clouds and hybrid environments.
Moderator: Bob Crawford
Panelists: Randy Resnick, DoD; David Voelker, DoN; Jennifer Kron, NSA; Ben Phelps, ODNI; Evan Kehayias, NGA
This session is essential for attendees responsible for or in roles related to defending against the growing, sophisticated Cyber threats the DoD and IC face. To strengthen our defenses, a Zero Trust Architecture (ZTA) will be implemented across the DoD and IC. To enable this, sound strategies with support from a ZT Architecture (ZTA) will help to guide the DoD and IC to accomplish Zero Trust maturity from basic, to intermediate, to ultimately advanced levels over the next five years.
The Office of the Intelligence Community Chief Information Officer (OIC CIO) developed a comprehensive Zero Trust (ZT) strategy and framework. The framework was developed by the IC ZT Steering Committee (ZTSC) and approved by all 18 IC elements. This session will focus on the tenets of the framework to include 31 capabilities, 4 maturity models, 7 pillars, and the IC ZT Architecture.
DoD has developed their own robust Zero Trust framework. Working collaboratively the IC and DoD must implement Zero Trust, improving overall Cybersecurity while maintaining interoperability and data sharing capabilities.
In this panel discussion, cybersecurity experts from the DoD and IC will discuss both the challenges and opportunities to significantly improve information protection capabilities and implementations by adopting the Zero Trust approach — “never trust, always verify, assume breach” — to protect U.S. national security assets.
Presenters: Marissa Snyder, DIA; Lauren Hix, DIA; Lisa Schrenk, DIA
Vintage is in, but not when it comes to payroll and benefits. Operating in a 20+ year-old IT system, DIA’s Office of Human Resources (OHR) current processes are overly complex, manual, and siloed. This resulted in incomplete, inconsistent datasets and slow reaction times to pivot the HR apparatus to mission needs. Even more importantly, this has taken DIA employees away from mission by burdening them with mundane administrative tasks. Soon, all of this will fade into history (like disco)!
Propelled through the HR Modernization investment, we’ve taken revolutionary steps to transform DIA’s HR infrastructure to strengthen DIA’s mission posture for strategic competition. We invite you to learn more about our efforts and how we’ve gleaned helpful, data-driven insights from various studies of our workforce, networking with Department of Defense (DoD) and Intelligence Community (IC) partners, and engaging with commercial entities.
This transformative shift requires a whole-of-agency cultural change to scale our capabilities for future needs. The modernization and overhaul of DIA’s HR is centered around creating exceptional employee experiences, reducing process timelines, increasing data quality and transparency. Cutting through the chaos created by a constrained and outdated infrastructure, HR Modernization is enabling DIA to put the right people in the right place, with the right skills needed to execute the mission.
Presenter: John Boska, DIA
Many government processes are lengthy and time-consuming, including the process of taking an application from development to production on government hosted networks. This poses a problem for mission-critical applications for which speed and efficiency is essential for getting information to intelligence personnel in the era of strategic competition. DIA’s Capability Delivery Pipeline (CDP) was created to simplify and modernize application development in the IC. CDP is a streamlined software development pipeline which embraces the DevSecOps methodology and industry standards. CDP will streamline the Authority to Operate (ATO) process, incentivize continuous integration and delivery (CI/CD), and abstract much of the overhead that comes with developing and deploying applications – including built-in security, governance, and hosting. CDP’s strategic goal is to provide one ecosystem used for secure software, hardware, service development, testing, and deployment spanning DIA’s Unclassified (IL5), Secret (IL6), and Sensitive Compartmented Information (SCI) networks. CDP also aims to bring in more cloud service providers to DIA to allow for infrastructure-agnostic development and reduce costs of development by eliminating duplicate services and capabilities. This pipeline will enable max capability for DIA customers and stakeholders and increase information sharing with agency partners and foreign allies. Ultimately, CDP empowers DIA to accelerate the delivery of capabilities and services to obtain a competitive advantage against our adversaries.
Presenter: Chris Cyr, Sterling Computers
A full featured platform targeted for next generation wireless evolution that eases developer onboarding and algorithm development in real time networks. The development of future communication systems depends on the availability of a programmable end-to-end (E2E) research and innovation platform. Including network elements that are programable with rapid simulation, prototyping and benchmarking of experimental Machine Learning based algorithms and techniques.
Moderator: Ramesh Menon
Panelists: Robert Lawton, ODNI; Dr. Abby Fanlo, CDAO; Elham Tabassi, NIST
As AI becomes increasingly more prevalent and advanced, the potential to positively impact every sector of our society has become apparent. While AI technologies have created tremendous efficiencies in how we live, think, and choose to invest our time and energy, it also has the potential to harm those that use it if not properly managed. The risks can become especially high when AI is used for critical national security missions. As the Department of Defense (DoD) and Intelligence Community (IC) continue to adopt AI as a disruptive technology used to advance warfighting and intelligence gathering capabilities, it is imperative that we trust AI that is being used for these critical national security missions. On this panel, you will hear from experts spearheading the AI Ethics initiatives that will affect industry, DoD, and IC. Topics discussed will include the new AI Risk Management Framework, DoD Ethical AI Principles, and how these will affect how we use and create trustworthy AI systems. Panelists include AI Ethics experts from the Chief Digital and Artificial Intelligence Office and National Institute of Standards and Technology. This panel will be moderated by DIA’s Chief Technology Officer, Mr. Ramesh Menon.
Moderator: Sudhir Marreddy
Panelists: James Long, NGA; Ben Davis, ODNI; Amy Heald, CIA; Dylon Young, OUSD (I&S)
This session will be a must-attend breakout for attendees to gain an understanding and perspective of the emerging technologies that present both threats and opportunities for U.S. national security. The panelists will include participants from both the DD and IC covering rapidly emerging technology areas such as AI/ML, Cloud, Cybersecurity/Zero Trust, Data, Digital Foundations, Interoperability, Networks, and more.
With adversaries on the cusp of surpassing the U.S. in the near future, challenging our technological leadership, this panel will discuss the existential threat of rapidly emerging technologies. We will explore how we can both protect U.S. national security and prevent our adversaries from gaining access to, acquiring, developing and advancing their capabilities while we leverage those same capabilities.
Presenters: Col Michael Medgyessy, USAF
DAF CLOUDworks provides Enterprise and Security Services (IaaS), Platform as a Service (PaaS) and Collaboration tools (SaaS) to the DoD and AF IC. Partnered with Platform One, we provide DevSecOps pipelines across the Unclass, Secret and Top Secret cloud environments. Using our Operational DevSecOps for ISR NEXGEN (ODIN) platform enables your developers to focus on your application instead of underlying infrastructure. Our enterprise services reflect the security guardrails our Authorizing Official set forth. We are constantly iterating and adding common services to bring max value to our customers across the DoD and IC.
Presenters: Chris Folchi, DIA; Ronnita Lyons, DIA
Consistent with the theme of Chaos to Clarity, leveraging emerging technologies, this presentation will lead a practical discussion on developing and implementing a governance model with executive sponsorship that enables long term sustainability of software platforms and better decision making when it comes to selecting an appropriate IT solution for their automation needs.
Presenter: Jamie Milne, NSA
Fine-grained access control is a core component for enabling mission systems to implement advanced zero trust architectures. GATEKEEPER is the proprietary solution developed by the National Security Agency to implement mission-based entitlement management and is available to partners. GATEKEEPER’s configurability empowers mission owners by decoupling need to know access from organizational structures. This foundational design decision further enhances the ability of mission owners to enforce fine-grained access controls on their mission data.
Presenters: Tomas Monell, USSOUTHCOM; Jacob Webster, USSOUTHCOM
Presenter: Dan Hetrick, ODNI
Building clarity into a shared vision by defining the chaos. What does DEIA have to do with aligning a workforce? Diversity, Equity, Inclusion, Accessibility. Regardless of how one sees the message of DEIA, amazing potential rises by aligning organizational mission with DEIA principles.
This presentation will highlight 10 ways to begin building a mindset under the Universal Principles within DEIA that will create a vision that drives mission to produce these benefits (at minimum), including better informed leaders in tune with the workforce, effective decision making, a shared vision that everyone supports, better products usable by everyone, Innovation, Security, Risk Mitigation, effective succession planning, and finally… A model of excellence for everyone to follow!
Moderator: Ramesh Menon
Panelists: Eric Ostby, Aliro Quantum; Brandon Rodenburg, MITRE; Terry Halvorsen, IBM; Pete Shadbolt, PsiQuantum
As an emerging and disruptive technology, quantum computing is increasingly important to national security as the Defense Intelligence Agency focuses on Strategic Competition. The quantum panel includes perspectives from industry and research and development quantum experts with a focus on applications of quantum computing, quantum networking, major players in the quantum realm, and how we can collaborate to enhance quantum technology to meet the demands of Strategic Competition. Panelists will include subject matter experts from the Aliro, MITRE, IBM, and Psi Quantum. This panel will be moderated by DIA’s Chief Technology Officer, Mr. Ramesh Menon.
Moderator: Shannon Paschel
Panelists: Elciedes Dinch-Mcknight, DIA; Katie Lipps, DIA; Dr. Rosemary Speers, DIA ; Lori Wade, DIA
CIO is trying to foster a growth mindset to drive organizational change in culture and structure by making a concerted effort to develop and promote leaders from within and to fully utilize the talents of executive women for more diverse leadership. Addressing barriers and challenges experienced from various types of discrimination and bias based on the intersection of gender, race, and other personal characteristics. CIO Women in Leadership Program showcases a panel of women leaders who share their experiences and successful strategies to advance their careers at DIA-CIO. A key to success for women to achieve Senior Executive Levels at CIO is allyship and advocacy. According to research and organizational best practices, inclusive behaviors and communication patterns from all employees and leaders create inclusive organizational cultural change.
Presenters: Cory Steer, NSA
Cryptography is the cornerstone of securing communications, protecting critical intelligence data, and trusting digital identities. The dawn of quantum computing has put current asymmetric encryption algorithms in jeopardy of being compromised. Leveraging partnerships to define, develop, and deploy solutions supporting post quantum resistant algorithms is crucial for continuing to secure America’s vital equities.
Presenters: Sonny Hashmi, GSA; Brian Shipley, Navy; Chris Hamm, GSA
Government procurement is often a complicated business. Between budget issues, Federal Acquisition regulations (FAR), and mission-critical needs, getting the products and services you need in a timely and straightforward manner is challenging at best.
Hear from customers and users who balance these requirements every day and help make it easier to get technology to the mission at the speed of need. The discussion will focus on the acquisition space and how partnerships between federal agencies can make it easier to rapidly field emerging technologies and do business with and across government.
Presenter: Dan Ortiz, Intelsat
Deployment and coordination of satellites across various orbits – Low Earth Orbit (LEO), Medium Earth Orbit (MEO), Geostationary Orbit (GEO) – play a pivotal role in maintaining global security. In this session, we’ll discuss how evolving multi-orbit satellite and terrestrial network solutions can efficiently bolster our defense infrastructure and equip future forces across allied operations to gain and keep the advantage in changing threat environments. We’ll cover how innovative software-defined satellite and space-based optical network technologies can be leveraged for missile detection and tracking systems, real-time surveillance, secure resilient communications across domains, military IoT and sensor networks, and AI-driven edge analytics.
Presenter: Stephen Kensinger, DIA
DIA is taking a holistic approach in reviewing and modernizing all of its provided services for Zero Trust to support the demands for its future data-centric architecture. This discussion will include how the agency is approaching Zero Trust to be a mission enabler for the Enterprise. This DIA vision includes efforts to streamline the Risk Management Framework (RMF) by integrating results through Zero Trust enabled technology/services and modernized processes. Although focus has been for near term maturity requirements, the team has started to explore the integration of machine learning to contribute to this streamlining effort. It will also delve into the planning and prototype efforts that the DIA Zero Trust team has led for development and integration of core cyber services to provide entitlements access to properly tagged data objects. The DIA Zero Trust team has partnered with DIA mission stakeholders and our Chief Data Office to begin to address these challenges and to convey to the workforce the new value these modernized DoDIIS services will offer to mission.
Presenter: Robert Williams, DIA
The Defense Intelligence Agency’s Analytic Innovation Office will discuss the AI Roadmap for All-source Analysis, which adds clarity and cohesiveness to the all-source analytic modernization process. The Roadmap provides a comprehensive and applied approach to artificial intelligence (AI) that spans experimentation, quality and tradecraft assurance, AI skills and digital literacy development, and business process improvements – aspects that were largely fragmented until now. The Roadmap achieves clarity from chaos by tightly aligning six key objectives that address the application of applied AI methods to mission, building an AI-ready analytic workforce, and equipping AI practitioners with a framework for ensuring compliance with analytic tradecraft standards. Hear about the critical challenges such as systematically upskilling an analytic workforce, accelerating the development of an AI-ready workforce by reducing the skills gap with low code solutions, and assessing analytic workflows at-scale to identify optimal human-machine-teaming opportunities. Other challenges include accessing data in ways that enables the leveraging of machine learning methods at-scale, and pivoting from reactionary to predictive analytics. You will hear about aspects of AI adoption through the lens of an organization responsible for leading analytic modernization, that will leave the audience and industry participants with an appreciation for the unique challenges of achieving AI-readiness within an all-source analytic organization.
Presenters: Peter Guerra, Oracle; Josh Tatum, Oracle
Tactical edge capabilities enable organizations to extend cloud services and applications to the edge. This allows for improved performance, security, and availability of applications and services, as well as to collect and analyze data at the edge, which can provide real-time insights and decision-making capabilities in connected and disconnected environments. Tactical edge capabilities, across classification boundaries, allow the warfighter to obtain situational awareness through edge compute, AI, and security where needed. This talk will walk through the use of tactical edge within the DoD and IC to present real world use cases.
Presenters: Theresa Kinney, NASA; Kanitra Tyler, NASA; Jeanette McMillian, ODNI; Lisa Egan, DIA
US Government Employees Only. Welcome to “The Exchange”; an internal, selective government-only community of intelligence and non-Title 50 agencies dedicated to initiating practices that help secure government-wide supply chains. It is where agencies and programs demonstrate and share their best practices towards mobilizing unique agency missions and authorities to mitigate risk. This panel of community members will inform and educate USG participants of opportunities and resources to help them secure IT supply chains at their agencies; moving from the Chaos of Risks and Threats to the Clarity of Actions that help address active management of supply chain risk.
Presenters: Kalib Mata, DIA; Heather Scarpato, DIA
The IT landscape across the US Government is uniquely complex and integration is key to national interests, security and collaboration. DIA offers recognized TS/SCI IT and security compliant expertise to meet current and emerging IT needs across broad customer sets. As part of CIO customer engagement, the CIO Senior Representatives (CSRs) and the DoDIIS Modernization Program Office (DPO) team ensure a seamless customer journey from requirement intake through fulfillment and sustainment.
Presenters: Ben Davis, ODNI; Ron Ripper, ODNI; Colonel Christian Lewis, ODNI
The Intelligence Community Information Environment (IC IE) and the Department of Defense Information Network (DoDIN) underpin IC and DoD missions. Today, we are more dependent on and also more vulnerable to attacks on assets in cyberspace than we have ever been. The benefits of emerging and over-the-horizon technologies are immense, but also introduce new attack vectors for malicious cyber actors. The partnership between the IC Security Coordination Center (IC SCC) and Joint Forces Headquarters DoDIN (JFHQ-DoDIN) is vital to defending the Nation’s most secure networks and critical national security information. Both organizations will discuss their mission, their partnership, and seek opportunities to extend the partnership to the broader USG, and harness the power and expertise our industry partners bring to bear.
Presenter: Brandon Little-Darku, NSA
Our competitors are increasingly and deliberately seeking to erode U.S. advantage. Next Generation Encryption (NGE) is aggressively challenging present-day norms to ensure the Joint Force and the Intelligence Enterprise will deter adversaries and prevail in tomorrow’s conflict. Building enduring advantages involves five key focus areas – (1) Transform the Cryptographic Foundation, (2) Make the Right Technology Investments, (3) Adapt and Fortify our Cryptographic Ecosystem, (4) Strengthen Resilience and Adaptability to Match Pacing Threat, and (5) Cultivate the Workforce of the Future.
Presenter: John Gibbons, AT&T
In the Intelligence Community (IC), a fast-changing global security landscape is creating unprecedented operational pressures. Companies such as AT&T are continuously investing in infrastructure to optimize day-to-day operations to keep pace with global demand. IC agencies can leverage these commercial innovations to accelerate their own digital transformation. This presentation will cover the network trends and technology limitations that have driven AT&T’s network evolution approach, and the underlying technology that underpins AT&T’s network modernization efforts.
Looking to increase your data sharing and help your data find a new mission user base? Do you have limited data acquisition resources and want to take advantage of what the DoD and IC already have to offer? Explore how IC Data Services can assist your Agency/Organization to make your data discoverable, accessible, usable, and interoperable. IC Data Services, an ODNI Service of Common Concern, is foundational to enabling IC organizations to move forward on IC Data Strategy and component data strategy, gaining organizational efficiencies and mission outcomes in the process.
Presenters: Kathy Bryant, DIA; Kim Davila, DIA; Deb Melancon, DIA
Introduction to DIA provides small businesses information on interacting with DIA, an overview of DIA’s small business goals, how to do business with DIA (the basics), programs such as 8(a), Mentor Protégé Program, where to find opportunities, upcoming conferences, and events.
Presenter: Michael Campbell, Privoro
The modern smartphone revolutionizes the way life and business is conducted around the world. Unfortunately, in DoD, mobile devices are either banned or used with great operational security risk. Good news. The Government has worked with industry to create a solution that allows smartphone use in classified spaces and provide 24/7 enhanced operational security. This presentation tells the story of how DoD can finally trust smartphones. No more phone lockers!
Presenters: MJ Belgard, DIA; James Elliott, DIA
This presentation will provide an overview of cyber threat intelligence through a concept called pivoting. We will discuss how to hunt for advanced persistent threats using multiple third-party tools and data sets, so cyber defenders can contribute in helping to identity infrastructure associated with cyber threat actors.
Presenters: Katie Lipps, DIA; Marlene Kovacic, DIA
Are you an industry provider of hardware, software, and/or services? Come learn how you can partner with DIA to protect yourselves from threats posed by adversaries in order to become a stronger and more secure partner supporting Agency and CIO top initiatives. This session will focus on what elements of your organization you need to be focusing on, high level concepts you can implement, and how your improved security posture benefits your partnership with DIA.
As part of the DoDIIS Conference this year, NASA SEWP has been authorized to offer attendees an exclusive, in-person training session bringing Government agencies and industry providers together to dig into the world of SEWP. Pre-registration is required and is only available to participants of the DoDIIS Conference.
During this training you will be able to explore emerging federal acquisition trends and gain valuable insights about our diverse range of products and services directly from the SEWP Program Management Office (PMO). We are delighted to offer a comprehensive demonstration of our cutting-edge web tools. This engaging session will equip you with the most up-to-date knowledge and ensure you are fully proficient in utilizing our advanced online resources. We want to empower you with the tools you need to succeed and stay ahead of the curve.
This training is designed for both newcomers to SEWP and those seeking a refresher. Don’t worry if you’re unfamiliar with SEWP; we’ll guide you every step of the way. Plus, your attendance will earn you 4.0 Continuous Learning Points (CLPs) It’s an opportunity you definitely don’t want to miss!
10:00am – 12:30pm: Training Session (please arrive a few minutes early to be checked in prior to the training)
Pre-Registration is required and limited to 100 participants! Reserve your space here.
1021 NE Grand Avenue
Portland, OR 97232
Hotel Phone: 503-235-2100
Hotel Website
Distance to the Oregon Convention Center – .2 miles
Distance to Light Rail – 0.5 Block
Per Diem Rate – $152 – SOLD OUT
Cut-Off date – Friday, November 10, 2023; if the block has not been filled already.
Hotel room rates are subject to applicable state and local taxes, currently 16%, in effect at the time of check-in.
435 NW Wasco Street
Portland, OR 97232
Hotel Phone: 503-234-3200
Hotel Website
Distance to the Oregon Convention Center – .4 miles
Distance to Light Rail – 2 Blocks
Per Diem Rate – $152 – SOLD OUT
Industry Rate – $179 – SOLD OUT
Cut-Off date – Thursday, November 23, 2023; if the block has not been filled already.
Hotel room rates are subject to applicable state and local taxes, currently 16%, in effect at the time of check-in.
1401 SW Naito Parkway
Portland, OR 97201
Hotel Phone: 503-226-7600
Hotel Website
Distance to the Oregon Convention Center – 2.1 miles
Distance to Light Rail – 6 Blocks
Per Diem Rate – $152 – SOLD OUT
Cut-Off date – Monday, November 20, 2023; if the block has not been filled already.
Hotel room rates are subject to applicable state and local taxes, currently 16%, in effect at the time of check-in.
This panel brings together high-ranking combatant commanders to discuss the practical integration of advanced technological systems, including AI and automation, within operational theaters. The commanders will discuss tactical implications of these technologies, their impact on mission-critical decisions, and the DoD’s strategic vision for their future deployment.
In this fireside chat we are going to have a conversation with two of the DoD’s premier R&D organization’s senior leaders. We will be covering topics such as SAP IT, cybersecurity, risk, mission, and policy. You are going to want to come to this chat to understand how well we are communicating at the most senior levels, where our community can do better, what keeps them up at night, and the challenges imposed by R&D.
The Secretary of the Air Force Concepts, Development and Management Office (CDM) Mission Architecture Division will present an overview of FENCES, a DoD Managed Service Provider (MSP). The platform offers a secure cloud hosting environment for Special Access Programs at any classification level. The presentation will provide an overview of the platform and provide example use cases from across the Air Force. Attendees will also learn about the Upcoming Enchantments to FENCES and process for on boarding.
Derek Claiborne, Chainalysis
Jackie Koven, Chainalysis
Web3 is all about innovation and collaboration – but with that comes heightened risks. Chainalysis has a commitment to creating a safer environment for all who enter the world of Web3. In this discussion, we will explore blockchain’s potential in addressing challenges faced by our warfighters. The evolving threat landscape involving strategic competitors, rogue nations, and terrorist groups is examined, with a particular emphasis on their exploitation of cryptocurrencies for illicit activities. The role of blockchain technology in countering these threats is then elucidated, showcasing its characteristics like decentralization and transparency.
This includes a deep dive into using blockchain for geolocating threat actors and tracking illicit activities. International collaboration and the integration of blockchain-based intelligence into defense strategies are discussed as well. Challenges, considerations, future prospects, and recommendations for blockchain adoption in cybersecurity and defense form vital segments of the discourse, ultimately underlining the significance of embracing emerging technologies like blockchain to empower warfighters and enhance national security in an ever-evolving digital landscape.
Audiences will gain a comprehensive understanding of how blockchain technology can effectively address blockchain-enabled threats and enable the geolocation of threat actors in the realm of cybersecurity and defense. They will also recognize the pivotal role of international collaboration and blockchain integration in bolstering national security efforts across evolving global challenges.
Harry Cornwell, Palo Alto Networks
Delivering zero trust at an enterprise level begins with a fundamental change in how the DoD builds its cyber security architecture to prioritize both security and performance. Zero trust is built upon the foundation that there is already a malicious actor or compromised data or devices within the enterprise. This assumption creates a need for a process of continuous validation of users, devices, applications, and data in an entirely controlled and visible manner. With Palo Alto Networks’s Zero Trust Network Access 2.0 (ZTNA 2.0), coarse-grained access controls based on an “allow and ignore” model is left behind to introduce a consistent least-privilege access control model focusing on application layer security inspection.
Josef Allen, USAF
Adam Gruber, Applied Insight
Those defending our nation depend on access to accurate, timely information – and must manage large amounts of data from more sources now than at any other point in history. Disparate data sources, networks, and classification levels currently make it impossible for users in SAP and CAP environments to view data within a single standardized and normalized lens, limiting mission agility and increasing the time between data ingest and incorporation into command decisions.
To overcome these limitations, mission teams must currently develop custom tools and rely on manual processing of information to aggregate data and inform decisions. Feature gaps in pre-existing cloud capabilities within SAP environments further inhibit Guardians and other teams from efficiently leveraging cutting-edge technological capabilities to satisfy mission requirements, such as real-time data streaming, access to native cloud resources, and multi-cloud capabilities.
Providing holistic data processing in SAP environments presents three major challenges: data transfer across and between classification fabrics, data access governance, and multi-tenancy. Additionally, implementing a fully comprehensive Zero Trust Architecture is paramount.
This problem is complex, but with the right tools it is solvable.
To accelerate data sharing to mission teams in a Common SAP across classification fabrics and disparate networks, USSF built a highly scalable, multi-tenant, ATO’d environment – empowering program teams to migrate critical mission workloads to the cloud while maintaining logical separation of those workloads. Additionally, the USSF team designed and implemented a cutting-edge data management capability that enforces Zero Trust access to data assets leveraging a cloud-based architecture.
Douglas Gourlay, Arista Networks
In this presentation, we delve into the challenges and possible solutions when designing a unified, multi-domain network architecture that seamlessly integrates a diverse range of platforms: GEO & LEO satellites, airborne platforms, terrestrial networks, GovCloud transit, and trans-oceanic cables. This architecture not only ensures dynamic, encrypted, and secure multi-access networks, but also incorporates a self-healing fabric that can adapt to signal-denied environments while reducing operational load.
Complementing this vision, we will explore the paradigm shift from legacy network operating models towards a software-centric ‘modern operating model’. Here, configurations are procedurally generated by automation that incorporate variables from multiple discrete systems-of-record. We also simulate network changes in a virtual twin environment, deploy to the network upon completion, and generate comprehensive documentation of the change.
The National Institute of Standards (NIST) has released several Post Quantum Cryptographic Algorithms planned for standardization in 2024. The National Security Agency has announced the Commercial National Security Algorithm (CNSA) Suite 2.0. The executive branch has released NSM-10. What does this mean for the SAP community?
Dr. Whitfield Diffie, Dr. Robert Campbell, and Mr. Charles Robinson will discuss what this means for SAP program managers and how they can effectively plan for the upcoming migration to post quantum cryptography. The Panel will discuss current and past cryptography role outs.. The panel will discuss process, landscape, and do a deep dive of the underlying cryptography. The panel will explore past cryptographic migrations best practices and discuss what’s different now. A discussion on what government organizations should be aware of when migrating to the new Post Quantum Cryptography Algorithms. We will discuss of best practices guidelines that NIST NcCOE program is developing to support implementation and transformation of government IT environments. Finally, some consideration of the strategy and a tactical construct SAP program managers should consider when migrating to a Quantum Safe enterprise.
In this session, we will delve into the transformative impact of Infrastructure as Code (IaC) models on modernizing network operations within the Department of Defense and Intelligence Community. The focus will be on leveraging procedural generation and IaC models for creating networking configurations, coverage-guided automated testing, and self-generating documentation. These techniques, integrated across a next-generation WAN, Campus, and Data Center reduce the complexity inherent in traditional networking configuration. This approach fosters the creation of repeatable design patterns that automate efficiently at scale and facilitate the generation of digital twin environments for functional testing and staging deployments.
Then we will discuss and demonstrate a practical application of these models and technologies in deploying and operating a global WAN, encrypted with quantum-safe/secure cryptography, with trusted and measured/attested secure booting of each router, and utilizing a combination of networks including geostationary and commercial low-earth orbital satellites, LTE/5G, free-space photonics, public and private MPLS services, dark fiber and wavelength services, submarine transoceanic cables, and cloud provider backbones.
Artificial Intelligence and Machine Learning (AI/ML) applications in cybersecurity sensing are heavily focused on threat detection by identifying abnormal indicators and eliminating false positives. The mathematical techniques used to achieve this have converged, with most applications still focused on perfecting existing algorithms. However, there are many aspects of human cognition which are not captured by AI/ML algorithms as they are applied today. Creativity, intuition, contextualization, topology, and even the special theory of relativity are emerging perspectives for AI/ML. New approaches are critical to “level up” our current sensing tools, and create the next generation of advanced artificial intelligence-driven cybersecurity.
In most discussions about the digital divide, we’re referring to the fact that approximately one-third of the world’s population lacks access to the internet. We often associate it with developing countries and attribute it to factors such as economics and infrastructure. The negative consequence of this digital divide in the information age is that we leave behind individuals and entire communities. As cloud technologies become central to everyday life, that divide grows wider. Ironically, although the SAP community works on the most bleeding-edge technologies for our warfighters, it also suffers from being on the wrong side of a similar digital divide. In this session, we’ll look at how we can close the digital divide for the SAP community.
Many agencies are running on less reliable, less feature-rich fortressed versions of commercial clouds. With a more modern approach to the cloud, governments can gain the agility that today’s most resilient businesses use to serve their missions, while keeping data protected.
Join Ms. Leigh Palmer (VP, Technology Strategy and Delivery at Google Public Sector) and Mr. Brian Morrison (Vice President and General Manager
Cyber Systems, General Dynamics Mission Systems) in this session to learn about the latest innovations in multi-cloud capabilities, allowing governments to enable analytics and AI, security, and collaboration at the edge.
A view into DoD Zero Trust standards (capabilities and activities), emerging technology needs for accelerating ZT adoption, ZT Implementation Plans, and Near-Term Milestones understanding that these technological and cultural change hinge on close collaboration among academia, industry, research labs, and government.
To ensure the security of our nation, the defense and intelligence communities work tirelessly to maintain a strong advantage, and AI is an important differentiator in this endeavor. Fully integrated artificial intelligence solutions can create a decision advantage against our adversaries, improve strategic and tactical readiness via improved fleet health and resilient logistics, and dramatically improve the effectiveness of cybersecurity initiatives. Come hear Ed Abbo, President and Chief Technology Officer of C3 AI, share how commercial and government leaders are harnessing Gen AI for next generation national security solutions to safeguard our nation.
Scott Devitt, General Dynamics Mission Systems
Brian Newson, General Dynamics Mission Systems
The GDMS Chief Engineer for Multilevel Security, Scott Devitt, will demonstrate and explore real-world SAP use cases with MLS containers for DE Environments. During his 37 years with General Dynamics, Scott has designed, built, installed, and maintained classified capabilities for the DoD and IC including operational mission cells supporting forward locations with multiple stove piped networks at different classification levels. His presentation will highlight the value of a DE polyinstantiated or containerized framework in safeguarding SAP data and the benefits of leveraging a multilevel file share when working across multiple connected classified environments. It will also discuss the challenges faced in integrating the innovative capability into legacy stovepipe SAP networks with existing applications and explore potential solutions.
In summary, these three leading edge MLS DE design patterns present a robust set of solutions to the growing challenge of collaborating and working effectively in the ever-complex SAP community. By leveraging this capability, organizations can bolster security, consolidate costly licenses across networks and safeguard their most valuable data while also dramatically improving user operational efficiency on their primary network. By employing containerized applications, data transfers between networks are eliminated, reducing the risk of information leakage through unauthorized channels.
Dr. Mattikalli will present current and strategic industry trends in key technologies related to AI/ML, IT modernization, and system sustainment. Specifically, this session will discuss key technology trends with emphasis their application to special access programs within the context of need for system security, strict cybersecurity compliance and acceptance of risk profile, while meeting the needs for rapidly experiment with asymmetric capabilities and deliver new technologies at scale.
This session will discuss the impetus behind SAP Enterprise Reform (SER); provide an overview and status of current SER initiatives, to include SAP architecture and policy changes; and identify SER next steps.
Operational Technology (OT) plays a crucial role in controlling industrial processes and our critical infrastructure. However, with the rise of the Internet of Things (IoT) and increased connectivity, OT systems face amplified cyber risks. Historically isolated, these systems now often intersect with IT networks, making them vulnerable to threats, especially given their outdated software and the difficulty in patching them. The stakes are high: cyber-attacks on OT can disrupt power grids, halt manufacturing, and pose significant safety threats. Addressing these concerns requires a holistic strategy, integrating both OT and IT cybersecurity measures. As we advance in this digital age, it’s imperative that we prioritize and invest in the protection of these vital systems.
In the presentation “Breaking Barriers with Generative AI: Enhancing Systems Security and Data Sharing for the Warfighter,” we will explore the transformative potential of Generative AI in the context of emerging technologies to support the warfighter. This presentation directly addresses the theme of the conference, which focuses on the intersection of systems security, access management, and data sharing.
The Department of Defense (DoD) should care about the application of Generative AI because it offers a unique opportunity to overcome existing barriers and enhance the DoD’s systems security and data sharing capabilities. Generative AI has the power to revolutionize the way the DoD operates by enabling the creation of synthetic data, generating realistic scenarios, and simulating complex environments. This technology can significantly improve training, testing, and decision-making processes, leading to more effective and efficient warfighter operations.
By leveraging Generative AI, the DoD can enhance systems security by simulating and identifying potential vulnerabilities, predicting and countering cyber threats, and developing robust defense mechanisms. Additionally, Generative AI enables secure and controlled data sharing, allowing the DoD to collaborate with partners, share information across agencies, and leverage collective intelligence while maintaining data privacy and integrity.
The impact of embracing Generative AI in the DoD environment is significant. It empowers the warfighter with advanced tools and capabilities, enabling them to make informed decisions, respond rapidly to evolving threats, and achieve mission success. By breaking barriers with Generative AI, the DoD can enhance its operational effectiveness, improve situational awareness, and ultimately ensure the safety and security of the nation.
Leveraging AI to augment our information forces gives us massive new capabilities. Adversaries know the same thing and are trying to do the same thing. A small amount of high-performance computing (HPC) in the right places will solve many problems of AI relating to deployment, engagement, and data ingestion in environments where data security and access controls are paramount.
Using AI in secure, reliable, resilient, rapidly updated ways will give us an edge. Relying on commercial cloud providers for all computing, R&D, and services for machine intelligence is a risky way to get that edge. Relying on commercial cloud for the foundations and using in-house HPC expertise and resources to deliver the last mile of machine intelligence will reduce risk and accelerate the adoption of secure, reliable, robust, and repeatable AI inside the enterprise.
Today’s warfighter is more connected than ever before to a streaming vector of actionable intelligence. Platforms, systems, and data – all traversing an ever-increasing number of endpoints. As we look to events around the world as leading examples of how the battleground continues to change, we are called to action to improve both the offensive and defensive digital capabilities of our military. To win, our priorities must clearly align to automating heterogeneous environments at a moment’s notice, delivering consolidated AI-infused digital experiences to each warfighter, and leverage Automation and AI to protect our digital advantage.
Scaling quantum computers will eventually break the digital security used in virtually all modern data networks. For decades, our adversaries have been collecting encrypted communications with the intention of decrypting and operationalizing it when larger quantum computers become available. This Cold War technique is known as “harvest now, decrypt later” (HNDL); it makes headlines today because quantum computers can break our existing algorithms by brute force. The transition to Post Quantum Cryptography (PQC) does not solve the HNDL problem because the new algorithms have no mathematical proof of hardness. As such, NIST advised developers to be “crypto-agile” and prepared to replace PQC at any time in the future.
For decades, implementation errors, weak encryption keys, poor randomness, corrupted software libraries and a variety of attacks resulted in the total exploitation of stored HNDL data. The issue is fundamental to the single-points-of-failure in public key infrastructure (PKI) which is based on a 1970s architecture predating the internet, cloud, virtualization, and containerization used in modern information systems. Qrypt leverages multiple quantum entropy hardware sources and distributed software algorithms to enable end-to-end-encryption (EE2E) with simultaneous key generation at any endpoint. This mechanism decouples the data from the decryption keys, eliminates key distribution and is unaffected by multiple weaknesses in the system, including the potential failure of the PQC algorithms and insider threats.
The modern warfighter will operate in converged PKI environments on 5G/6G networks, using autonomous systems, in smart cities, built on technology under adversarial control. Secure communications will need much higher levels of assurance than currently possible. Incremental improvements to classical techniques will be insufficient in the quantum era.
Kelly Dalton, AFRL
Jonathan Thompson, AFRL
This is an update to last year’s presentation regarding an effort to provide DoD funded, shared supercomputing to the acquisition engineering, research, development, and test & evaluation communities. Large scale supercomputers are funded by the DoD High Performance Computing Modernization Program for the purpose of providing no-cost computing to scientists and engineers working on DoD problems. Contractors can also access these resources under a DoD contract involving an RDT&E project. This unclassified/CUI presentation will provide information regarding current status and future plans by the Department of Defense to provide continued access to free supercomputing resources to government and contractors supporting special programs and/or SCI-related projects in the research, development, acquisition, and test & evaluation mission areas. Specifically, the large-scale computing resources provided by the DoD High Performance Computing Modernization Program (HPCMP) will be discussed as well as how to access these resources. The supercomputing systems undergo a recurring technical refresh funded by the DoD HPCMP. The individuals/organizations do not pay for compute time or storage on the DoD supercomputers as these are funded through the DoD HPC Modernization Program.
USG has prohibited acquisition of hardware from sanctioned entities and excluded those companies from doing business in the United States. But most program managers don’t realize that those same sanctioned entities and foreign adversaries actively develop, maintain and control software dependencies used by classified military programs. While these dependencies can theoretically be code-reviewed before approval, they’re almost never reviewed beyond a one-time check for viruses or known vulnerabilities – with little to no monitoring of upstream risks. And even if their source code is reviewed, there’s no chain of trust between repositories and published packages.
This talk will illustrate how Chinese and Russian developers are positioning in the upstream software supply chain, how that risk can be detected and how it can be managed in an automated way, at scale, in the absence of any known or detectable vulnerabilities in the code. Single-maintainer projects belonging to Russian government employees have been identified in federal APIs that handle highly sensitive data at high scale. The ecosystems in which adversarial entities are active include AI/ML used in defense, which was the subject of a year-long analytic project that Ion Channel (recently acquired by Exiger) executed for DTRA. The data backplane for identifying adversarial FOCI in upstream software dependencies has both defensive and offensive value in software-intensive programs and missions.
Kathleen Featheringham, Maximus
Michael Sieber, Maximus
Frank Reyes, Maximus
As the Defense Department (DoD) continues its cloud modernization journey with the Joint Warfighting Cloud Capability (JWCC) and other programs, managing sensitive data in the cloud is a top priority and cybersecurity challenge.
Emerging technologies such as artificial intelligence (AI) offer novel strategies to fortify cryptographic practices, enhance data encryption, and bolster cloud security.
Reaping the benefits of AI-powered cloud security requires good data practices and data governance as well as proper configuration management and modern encryption strategies to ensure data security.
This session aims to address common cloud security concerns and outline use cases for comprehensive cybersecurity and encryption practices powered by AI to properly manage sensitive data in the cloud.
Jack Gumtow, MetroStar
Cedric George, MetroStar
Joe Early, MetroStar
With decades of sensitive government documents requiring classification review, manual human intervention has been vital but cumbersome. While some technologies aid the process, none—to-date—reduce the cognitive load of a human reviewer. DeCypher (an AI solution) employs cutting-edge language models and classification guidebooks, delivering swift, explainable, and automated classification, markup, and redaction with the essential oversight of human expertise. This talk aims to discuss how we can embrace the future of secure and efficient document classification by diving into the game-changing innovation of AI and Large Language Models.
Yvette Jacks, DTIC
Christopher Hunt, DTIC
Matt Poe, DTIC
Aligned to OUSD(R&E), the Defense Technical Information Center (DTIC) is the DoD’s central S&T knowledge and analytics center. DTIC’s Deputy Administrator, Chief Data Officer and Chief Technology Officer will provide an overview of DTIC, some exciting AI and ML capabilities we are building out, the ROI of DTIC’s centralized capability, and how the DoD S&T community can engage and partner with DTIC. Attendees will also learn about DTIC’s digital modernization journey, experience implementing DevSecOps, and gain insights into DTIC’s pathfinder experience working with DoD CIO to achieve the Department’s second ever continuous authority to operate (cATO).
Rob Case, DON SAP CISO
An examination of the Risk Management Framework as a dynamic cybersecurity program featuring Cyber Hygiene, Cyber Readiness, and Continuous Compliance as prime disciplines. The end in mind is to finally mature beyond checklists and firefighting, develop locally relevant threat intelligence programs, prepare for continuous ATOs with fully developed ConMon programs, and generate feedback loops between the monitors and responders. This presentation explores the Risk Management Framework and JSIG control families as features of Cyber Hygiene (management of the authorized) and Cyber Readiness (management of the unauthorized) and encourages RMF practitioners to go beyond the ATO. The concept of outprocessing the checklist is encapsulated in a change of mindset; completing a task is not compliance and compliance is not security. Narrative-based bodies of evidence authored and informed by ISSOs are insufficient. Cybersecurity practitioners must seek system-based artifacts as their proof of configuration and ISSOs must be informed by the system.
Chad Steed, ORNL
Visual analytics is a viable approach for enabling human-machine collaboration in today’s most challenging data analysis scenarios. While the increasing volume and complexity of modern data sets severely limits the viability of purely manual, human-centered strategies, most data analysis tasks are inherently exploratory (meaning the user doesn’t know all the questions they may ask of the data beforehand) and require interactive query capabilities. Visual analytics solutions that balance human and machine strengths are ideal, but achieving such a balance is not trivial. It requires judicious orchestration of human strengths, namely creativity, intuition, visual perception, and cognition, with the computational power of machines and the automated algorithms that run on them. In this talk, I will discuss modern data analysis challenges and how visual analytics tools can help solve them. To illustrate these ideas, several visual analytics systems will be described with an emphasis on the integration of human interaction, data visualization, and algorithmic guidance into flexible tools. I will also highlight the application of these tools to real-world applications in explainable AI, sensitivity analysis, multivariate analysis, and text mining. I will conclude with an overview of active and future visual analytics work.
Caleb Snow, WWT
Kimberly Haines, WWT
AIDN leverages state-of-the-art machine learning and artificial intelligence algorithms to detect and respond to even the most advanced and elusive threats. It identifies malicious activities in real-time, minimizing the potential impact of attacks. Through continuous monitoring through AIDN, your organization enjoys 24/7 monitoring of your digital infrastructure. AIDN provides immediate alerts and proactive threat remediation to prevent breaches before they occur.
Through our User-Friendly Interface, our intuitive, user-friendly dashboard simplifies the complexities of cybersecurity management. It offers real-time insights into your network’s security posture, allowing for informed decision-making. AIDN is designed to grow with your organization. AIDNs threat intelligence integrates threat intelligence feeds from multiple sources, ensuring you stay ahead of emerging threats. This knowledge helps AIDN adapt its defenses and protect your organization from new attack vectors.
Mohammad Raza, Green Lambda
Network infrastructure has to allow the administrators to understand, see, and monitor exactly where threats can enter the network. Add to this, intrusion detection, the ability for intrusion prevention and you have a network ready for government level security.
Kenny Bowen, Microsoft
Rebeka Melber, Microsoft
Historically, the DoD SAP Community has faced a glaring challenge – one of disconnection. Over the past decade, a remarkable transformation has taken place. Thanks to a roll out of enterprise-level SAP capabilities over the past decade, connectivity has surged to unprecedented levels. These advancements have become the backbone of an entirely new era, opening doors to a consolidated stream of data that is poised to reshape the landscape of national defense. The proliferation of Cloud Service Providers (CSPs) authorized for SAP data further signals the dawning of this transformative era. In the midst of this technological evolution, it’s crucial not to overlook the basics. While the buzzwords of Artificial Intelligence and Machine Learning are reshaping our technological landscape, the foundation for these innovations must be steadfastly established. Our success hinges on getting the fundamentals right, ensuring that the most fundamental functions are in place. Collaboration emerges as the cornerstone that will pave the way towards a truly robust and effective national defense strategy. This talk will delve into the narratives of the past, the dynamic landscape of the present, and the exciting potential of the future. It encompasses communication between Defense Industrial Base (DIB) and Government, Enterprise and Mission Users, and General and Privileged Users. As we stand on the precipice of unparalleled technological advancements, it is our responsibility to steer this transformation with clarity, unity, and a shared vision. Through collaboration and convergence, we shall not only bridge past disconnects but also construct a foundation for a stronger, safer, and more technologically empowered future.
John Loucaides, Eclypsium
Not a month goes by without another deep vulnerability in CPUs, memory, BIOS, BMCs, or some other component buried inside nearly every piece of IT equipment. While these issues sound serious, the very premise of these components is to abstract away hardware details. With adversaries known to be exploiting these bugs, how can we assess vulnerabilities not mitigated by traditional endpoint security solutions?
In this talk, John will explore some of the technical issues related to cyber security of the supply chain. He will explain the most common issues, how to check for them, and how to avoid being taken by surprise. Having personally been involved in research into and coordinated disclosure of serious platform-level vulnerabilities, John will speak from personal experience (both within USG and outside) to suggest practical solutions involving both open source and commercial tools to help with this evolving problem. After discussing issues that affect firmware updates, end of life, component vulnerability scanning, integrity checks, and sanitization/destruction, attendees will discover that even though perfection is impossible, all is not lost.
Andrew “AJ” Forysiak, Varonis
Chad Mason, Varonis
The United States faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public, private sector, and ultimately, the American people’s security and privacy. By implementing Zero Trust (ZT) across all agency systems, the U.S. government seeks to protect high-value assets, but without first building a solid foundation, any zero-trust architecture will be largely ineffective and unwieldy. Agencies must now strive to provide best-in-class zero trust-based security while satisfying compliance requirements such as EO 14028, DOE O 471.1, and OMB 22-09. Zero Trust represents a paradigm shift in how we think about protecting our assets and requires a multi-phased process to deploy successfully.
David Metcalf, UCF
AI, Blockchain, and Cybersecurity (ABC) advances are reshaping the enterprise solutions that support the warfighter. This session provides a survey to explore use cases under development at University of Central Florida’s Institute for Simulation and Training including the ARO sponsored Blockchain and Quantum Defense Simulator for multi-protocol prototyping, modeling, and testing, Army TRACRChain Blockchain for automated range data from TRACR2, and Navy Project AI Avenger analysis of AI media scrubbing tools. A review of design, standards, early results, and scalability opportunities and issues will be shared. Synergy with other projects and next steps in ABC solutions to meet emerging requirements for cross-warfighter solutions will be presented. Tangible examples include a digital twin prototype to combine operational readiness and trusted career-spanning data from recruit to retire and a quantum computing cyber awareness and AI Assurance simulation platform. Using platforms like digital twins, quantum-as-a-service, large language models-as-a-service, and advanced simulations allow Commands to explore specialized use case, protocols, standards, and scalability before committing vital resources – leveraging modeling, simulation and analysis techniques such as NSF ICorps and Hacking for Defense. Concluding remarks include discussion of methods of collaboration between military, industry, and academia to leverage public university research and other nonprofit entities.
Caden Bradbury, NetApp
AI models are only effective if they can be utilized in the most extreme tactic edge scenarios. (Think: in the back of a Humvee, on a Naval Ship, in a remotely operated drone, etc.) While the training of accurate models is vital, the biggest challenge in these edge environments is moving data and models to and from the tactical edge to core data center.
Models must be continuously improved to be used effectively. They must perform at the highest level possible for the DoD. This is especially true in life-or-death scenarios, like automated target acquisition models. To optimize models, new data must be continuously fed to the algorithm.
Gentry Lane, ANOVA Intelligence
We’re looking for more DAOs to participate in a JFHQ-DODIN sponsored pilot. Nemesis is a novel computational software platform that addresses current capability gaps required to sustain deterrence in the cyber domain. By leveraging new discoveries AI/ML/DL, Nemesis functions as a global, interoperable, standardized cybersecurity software platform for early detection, rapid attribution, secure intelligence sharing, and global situational awareness of advanced persistent threat activity in DoDIN endpoints. Nemesis R&D was funded by DHS & DoE at Oak Ridge National Laboratory.