
CISQ IT Risk Management and Cybersecurity Summit

March 24, 2015

CISQ IT Risk Management & Cybersecurity Summit 2015

 

Join us for the next CISQ Seminar at the OMG Technical Meeting on Tuesday, March 24, 2015 at the Hyatt Regency Hotel (1800 Presidents Street) in Reston, VA USA.

 

The CISQ IT Risk Management and Cybersecurity Summit will address issues impacting software quality in the Federal sector: Managing Risk in IT Acquisition, Targeting Security Weakness, Complying with Legislative Mandates, Using CISQ Standards to Measure Software Quality, and Agency Implementation Best Practices. The Summit will feature CISQ Director, Dr. Bill Curtis, and other national experts to share experiences and lessons learned.

 

This one-day leadership forum will give IT practitioners and leaders insight into the industry standards and case studies needed to mitigate vulnerabilities and risk from both a development and an acquisition management perspective. Congress and the White House have voiced extreme interest and mandated action for software quality measures – Executive Order 13636, NDAA Sec. 933, FITARA, SEC Regulation SCI – and with credit given to CISQ, SEI, OMG, and MITRE, software quality metrics are ready now.

 

Joining CISQ in 2015: U.S. Department of Defense, U.S. Department of Homeland Security, Defense Intelligence Agency, Defense Information Systems Agency, General Services Administration, Internal Revenue Service, U.S. Army, U.S. Air Force, Lockheed Martin, MITRE, NIST, SEI, Booz Allen Hamilton, Northrop Grumman, Deloitte, and others.

 

This seminar is intended for IT executives, application managers, software measurement and improvement specialists, quality assurance professionals, and others interested in using automated software measures.

 

The event is held at the Hyatt Regency Hotel in Reston, VA.

 

PRESENTATIONS NOW AVAILABLE FOR DOWNLOAD! VISIT THE MEMBERS AREA OF THE CISQ WEBSITE UNDER “EVENT & SEMINAR PRESENTATIONS.” You must be a registered member of the Consortium for IT Software Quality (CISQ) to access the Members Area. Membership is free. Sign up here.

 

 

PROGRAM AGENDA

  8:00 – 9:00 am

Registration

  9:00 – 9:15 am

Welcome from CISQ

Dr. Bill Curtis, Executive Director, Consortium for IT Software Quality (CISQ)

 

CISQ Director, Dr. Bill Curtis, will give a brief introduction to the IT Risk Management & Cybersecurity Summit and introduce topics to be covered

  9:15 – 10:15 am

Keynote: Lessons from Cyber Security Assessments in DOD

Dr. J. Michael Gilmore, Director of Operational Test and Evaluation (OT&E), Office of the Secretary of Defense, U.S. Department of Defense

 

Unclassified results of cyber security assessments conducted during major exercises and during development of major acquisition programs indicate that people and processes are as important as software code to achieving cyber security in weapons systems and business systems

  10:15 – 10:30 am

Refreshment Break

  10:30 – 11:00 am

Using CISQ Metrics to Automate Software Measurement

Dr. Bill Curtis, Executive Director, Consortium for IT Software Quality (CISQ)

 

Review of CISQ quality measures to control the quality, cost, and risk of software that is provided internally or by third parties

  11:00 am – 12:00 pm

Panel: Agency, Department, and Legislative Policies Impacting Software Risk

Lead: John Weiler, Vice Chair, IT-AAC

Panelists: Joe Jarzombek, Director, Software & Supply Chain Assurance, Department of Homeland Security; Bob Dix, VP Policy for Juniper, Former Staff Director, House Oversight Committee; Richard Beutel, Senior Advisor and Counsel for Acquisition Policy, House Oversight and Government Reform Committee; Julie Chua, Lead Information Security Specialist, Department of Health and Human Services, ONC

 

Discussion of strategic Federal initiatives to increase the resilience, reliability, and security of software-intensive systems while supporting legislative mandates coming from Congress, the White House, and internal DOD and civilian department-level policies – Executive Order 13636, FITARA, NDAA Sec. 933, SEC Regulation SCI

  12:00 – 1:00 pm

Lunch

  1:00 – 2:00 pm

Keynote: IT Risk Management

John Hickey, CIO and Risk Management Executive, DISA

  2:00 – 2:45 pm

Latest Advances in Cybersecurity and the NEW CISQ Security Standard

Robert Martin, Director, Common Weakness Enumeration Repository, MITRE Corp.; Carol Woody, Senior Technical Staff, Software Engineering Institute (SEI) at Carnegie Mellon University

 

How to leverage the CISQ security standard that draws from the Common Weakness Enumeration (CWE) repository of top security weaknesses

  2:45 – 3:00 pm

Break

  3:00 – 3:45 pm

Business Case & ROI

John Keane, The Software Angel of Death

 

Discussion of current laws regarding software assurance and its relationship to cybersecurity; the difference between price, cost and value; and how to manage IT risk as a means of obtaining value

  3:45 – 4:30 pm

IT-AAC Leadership Panel: Acquisition Language and Metrics

Lead: John Weiler, Vice Chair, IT-AAC

Panelists: Don Johnson, Associate Director, Cyber Acquisition, Office of the Secretary of Defense; Don Davidson, ICT-SCRM Specialist for the GTF, Office of the Secretary of Defense; Honorable John G. Grimes, former Assistant Secretary of Defense for Networks and Information Integration (ASD NII) and Department of Defense Chief Information Officer (DoD CIO); Dr. Pres Winter, Former CTO, NSA; Greg Capella, Deputy Executive Director, DHS

 

Discussion about contract language and quality thresholds to manage IT acquisition and service level agreements

  4:30 – 5:30 pm

CISQ Close + Cocktail Reception

 

 

Thank you CISQ Partner

 

Information Technology Acquisition Advisory Council (IT-AAC)

 

The Information Technology Acquisition Advisory Council (IT-AAC) is a public/private partnership of concerned citizens, public interest groups, private sector sponsors and government partners working together to serve as a catalyst for positive change and evolution in the Information Technology Acquisition System to meet the demands of the 21st century. IT-AAC’s mission is to provide the Obama-Biden Administration and National IT Leadership with a trusted collaborative structure and a 500 Day Transformation roadmap for Streamlining the IT Acquisition Process, assuring critical mission elements that are highly dependent on IT (Info Sharing, Cyber-Security, E-Health, E-Gov, E-Biz, and Green IT). www.it-aac.org


3 thoughts on “CISQ IT Risk Management and Cybersecurity Summit”

  1. Pingback: Dr. J. Michael Gilmore, Director of Operational Test and Evaluation (OT&E), DoD, to Deliver Keynote at CISQ IT Risk Management & Cybersecurity Summit | CISQ - Consortium for IT Software Quality

  2. Thank you for hosting the Cybersecurity Summit, I found the presentations very informative. Several times during the day it was mentioned we would have the presentations. Will they be posted on the CISQ website?

    Thanks,
    Dave Collins

    • Hello Dave, the presentations are now posted to the site. Please let me know if you have trouble accessing them. See above on this event page. There is a link to the Members Area of the CISQ site and the presentations are posted under “Event & Seminar Presentations”

      Tracie
      tracie.berardi@it-cisq.org
