Skip Navigation Links
Events
Coalition Information Sharing
CyberWest
DI2E Plugfest 2014
Agile in Government
ADAPT on AGILE: Focus on DevOps
AFEI Supported Events
Past Events
News
Industry News
Press Releases
Resources
Links
Working Groups
ADAPT
Industry Advisory Group (IAG)
PM-ISE Working Groups
Section 804 Task Force
Enterprise Architecture
AFEI Awards
Nominations for Execellence in Enterprise Information
About
What We Do
Governance
Membership
Contact Us
History

 Supply Chain Risk 2012  

Register today 
Theme

 Doing business in a Global Economy: What is a Trusted Supply Chain? 

Event Number

 2A06 

Date

 3/14/2012  to 3/14/2012 

Location

 Hilton Crystal City 

Contact

 Betsy Lauer, blauer@afei.org 

Information

Supply Chain Risk 2012 

"The risk of compromise in the manufacturing process is very real and is perhaps the least understood cyber threat."

                                
- Former Deputy Secretary of Defense William Lynn

Newly Released Report

China ReportOccupying the Information High Ground: Chinese Capabilities for Computer Network Operations and Cyber Espionage

China has been acknowledged as a source for cyber intrusions as well as counterfeit micro-electronics.  A newly released report prepared for the U.S.-China Economic and Security Review Commission expands on a 2009 assessment of China's evolving computer network operations capabilities and risks to the U.S. Telecommunications Supply Chain.

Download report here

The Defense Department, through efforts such as the Trusted Foundry program and use of standards like Common Criteria (ISO/IEC 15408), is working to reduce its supply chain vulnerability footprint.  This is not a small problem.  Some have recommended government measures that mandate significant and potentially onerous consequences for suppliers having inadequate cyber protections.

The House Republican Cybersecurity Task Force, however, recommends an approach based more on incentives rather than regulations.

The Cyber risks and vulnerabilities in an improperly managed supply chain, from counterfeit equipment to malware to other avenues of attack, are real and growing.   Agencies and departments are developing policies to keep a more watchful eye on vendors, partners, and others in their cyber supply chains and adopt best practices for mitigating risks across their systems and processes.

The question remains:  Will they be carrots or sticks?

 

Agenda 

 All Presentations combined

8:30 AM

Welcome

Ms. Jennifer Bisceglie
President, Interos Solutions, Inc.

 Brett Lambert

Keynote Address

Brett B. Lambert, Deputy Assistant Secretary of Defense, Manufacturing and Industrial Base Policy, DoD

Mr. Lambert is the principle advisor to the Under Secretary of Defense for Acquisition, Technology and Logistics on all matters relating to the defense industrial base, including industrial capabilities and assessments; defense industry mergers, acquisitions and consolidation; preservation of essential industries and technologies; and other related matters.

Presentation not for release

9:15 AM

 

Mr. Larry Clinton, President and CEO, Internet Security Alliance

Mr. Clinton has been featured in USA Today, the PBS News Hour, the Morning Show on CBS, Fox News, CNN’s Situation Room, C-SPAN, and CNBC and has authored numerous professional journal articles on cyber security.  Mr. Clinton is regularly called upon to testify before both the U.S. House and Senate and promotes a pro-market, anti regulatory approach to cyber security as outlined in numerous publications, including the ISA Cyber Security Social Contract and the Financial Management of Cyber Security.

Presentation

10:00 AM

Networking Break

10:30 AM

Understanding the Threat

Chinese Microelectronics and Computing Technology

Dr. Josh Alspector, Institute for Defense Analyses

Presentation not for release

11:15 AM Phil Harris, Executive, V8Logistics Services Group - Presentation

12:00 PM

Lunch

1:00 PM

Do I Really Need That Big Stick? - Government Initiatives to Protect/Manage Supply Chains

Moderated by Don Davidson, Chief, Outreach, Science & Standards (CNCI-SCRM) Trusted Mission Systems & Networks (TMSN) Office of the DoD-CIO
Presentation

Invited Panelists:

  • Mitchell Komaroff, Director, Trusted Mission Systems and Networks, DoD CIO

  • Lisa Kaiser, Director, Control Systems Cybersecurity Strategic Planning, Control Systems Security Program, Department of Homeland Security

  • Jon Boyens, Senior Advisor, Computer Security Division at NIST

    ** Presentations not available by panelists - contact for information

2:30 PM

Networking Break

3:00 PM

Carrots Work Better Than Sticks – Perspectives from Industry

Moderated by Ms. Catherine Ortiz, Defined Business Solutions - Presentation

Invited Panelists:

  • Craig Corbin, Director, Strategic Programs, World Wide Technology  - Presentation
  • Andras Szakal, VP and Chief Technology Officer, IBM Federal Software  - Presentation
  • Steve Lipner, Microsoft, Chairman of SAFECode - Presentation
  • Andrew Olney, Director of Reliability and Product Analysis, Analog Devices, Inc. - Presentation not for release

4:30 PM

Summary Panel – What did we hear, where do we go?

  • Ms. Jennifer Bisceglie, Interos Solutions, Inc.
  • Don Davidson, Chief, Outreach, Science & Standards (CNCI-SCRM) Trusted Mission Systems & Networks (TMSN) Office of the DoD-CIO
  • Robert B. Dix, Jr., VP, Government Affairs & Critical Infrastructure Protection, Juniper Networks

5:00 PM

Adjourn

Location 

Hilton Crystal City 
Crystal City at National Airport
2399 Jefferson Davis Hwy
Arlington, VA 22202
703-418-6800

Map & Directions
 

Complimentary hotel airport shuttle service is provided to and from Ronald Reagan Washington National Airport (DCA) and  the Crystal City Metro station. The Crystal City Metro Station is 3 blocks away.
www.crystalcitynationalairport.hilton.com

Parking

The Hotel offers Self Parking only in a Security Enclosed Parking Facility directly beneath the hotel, based on availability.  The fee is $24.00 based on 3 or more hours.


 

Registration

On-line registration will close COB, Friday, March 9. You may still register for the event. Please download, complete the registration form with payment, and bring with you on site to the conference.  Registration Form

For information or assistance, please contact Betsy Lauer at (703) 247-9473 or blauer@afei.org

Registration

Regular Fee
(thru February 29)
Onsite Fee
(after March 1st)
Government*/
Academia
$179
$279
Industry Member
(NDIA Member and Affiliates)
$259
$359
Industry Non-member
$399
$399

 *Only available for active-duty military and civilian employees of the Government.  Does not apply to contractors working for the government in any capacity.


Registration Policy

Deadline to register online or by fax is by COB Friday, March 9, 2012


A registration form
may be downloaded, completed, and brought to the conference for onsite registration. Please do not mail any registration forms after February 24th. Registrations will not be taken over the phone; payment must be made at the time of registration.  

Cancellation Policy

Cancellations received by Wednesday, February 29, 2012 will receive a full refund.   No refunds will be given for cancellations after February 29th.  Substitutions are welcome in lieu of cancellations, as long as there is no financial transaction. All substitutions and cancellations must be made in writing to tkicker@afei.org.

Sponsors 

Value:

Sponsorships provide maximum visibility and brand recognition. You can strengthen your market position, make key contacts, showcase your products and services, and develop relationships with new customers, while reinforcing your existing customer relations. Sponsorships add a critical tool to your current marketing strategy.

Promotional Partner for $1,500 

Benefits include:

  • Logo on the conference event web site
  • Company name on filler slides at conference
  • Recognition from the podium
  • Event Signage
  • 1 complimentary conference registration

Contact Betsy Lauer at Blauer@afei.org or 703-247-9473 for details on this event, or combine your sponsorship at both AFEI December cyber related events.

 

For Attendees

This symposium addresses the following questions:

  • Update:  What’s happened since the last seminar and what’s new in the 2012 FY that we need to be aware of?
  • What policy and legislation approaches are best in addressing this problem?
  • What are new policies and models for trusting suppliers, their supply chains and systems? Are current policies and those under consideration regarding suppliers and counterfeiting really going to be effective?
  • Self-regulation vs government mandates – which is the more effective method?
  • Do stringent requirements endanger fragile industries?
  • Do half-measures provide inadequate protections?
  • What are the unintended consequences of physical and cyber intersections for supply chains?
  • How are real issues in this space defined and differentiated from non-issues?

The Comprehensive National Cybersecurity Initiative (CNCI) Initiative 11 recommends developing a multi-pronged approach for global supply chain risk management.   This initiative should provide “a robust toolset to better manage and mitigate supply chain risk at levels commensurate with the criticality of, and risks to, their systems and networks.”

Who Should Attend?

Over one hundred and twenty five professionals in this area attended the first Cyber Supply Chain Forum.  They represented a cross-section of businesses, large and small, who are participants in a supply chain and who have a stake in the outcome of debates on these topics.

Budget talks have stalled some action on this issue, but it is coming.  Industry is realizing that being a "good supplier" means having adequate cyber protections, both for its own intellectual property and for the Government data it is privileged to maintain or have access to.

The time is coming when some for of auditable certification of cyber protection will be required to obtain Government business.

If you want to gain insights on what the future holds, participate in these critical discussions, be a part of the solution and not the problem, and network with others to learn what they are doing, then this event is for you.