Start Date: 2/12/2019 7:30 AM EST
End Date: 2/12/2019 10:00 AM EST
Venue Name: Valo Park (formerly TEGNA)
Location:
7950 Jones Branch Drive
McLean, VA United States 22102
Tuesday, February 12, 2019
Member Forum: Cybersecurity Compliance Requirements-Practical Guidance on DFARS-NIST 800-171
For SECAF Members Only
7950 Jones Branch Drive
McLean, VA 22101
Addressing cyber threats has become an enormous priority for the federal government.
- Under DFARS 252.204-7012, the cybersecurity regulations set out in NIST 800-171 became mandatory for contractors and subcontractors in the Department of Defense supply chain at the end of 2017.
- GSAR – GSA’s own cybersecurity regulations covering all government contractors – are due out in 2019.
- The EU’s General Data Protection Regulation (GDPR) became effective in May 2018, regulating the processing of personal information originating from the European Union.
- California even rushed through its own data protection law affecting companies that do business in California.
The government’s oversight of how contractors store and use information is expanding, and compliance is becoming more and more complex.
Join us for this informative panel to hear from one of the authors of the NIST regulations and industry colleagues who have implemented their own cybersecurity programs and required subcontractors to do the same.
Moderator:
- Tim Brennan - CEO and Founder, SysArc
Panelists:
- Mark Birch - President and CEO, Automation Technologies Inc. (ATI)
- Kristin Grimes - Corporate Counsel, Leidos
- Ron Ross - Fellow, National Institute of Standards and Technology (NIST)
Tim Brennan founded SysArc in 2004 and has more than 30 years of experience in the IT industry within the D.C. market. Tim is responsible for managing all of SysArc’s teams and operations as well as setting the overall vision and strategic direction for the company. He excels at reducing costs for SysArc’s clients and producing tangible results surrounding the use of technology. Tim is passionate about building a meaningful and lasting enterprise that is centered around client satisfaction and success and providing employees with a great place to work.
Tim started his career at Booz Allen as a software engineer and moved on to start his own software development company, Dynamic Software Systems, when he was in his twenties. After selling his company, he was involved in the rapid growth of several technology start-ups during the internet boom in the 1990s until he eventually started SysArc.
When not working, Tim enjoys fishing, boating, local live music and going to as many Washington Nationals games as possible.
Mark Birch is the President and CEO of Automation Technologies Inc. (ATI), a position he has held since 2015. In his role as President and CEO he is responsible for setting and executing the strategic direction for ATI as well as driving the company’s growth. Mark is a 30+-year veteran of the Federal Information Technology (IT) industry in both the Civilian and Defense sectors with the majority of those years managing large IT contracts/projects. Those mission-critical projects focused on providing enterprise-wide network engineering, information security, operations and maintenance, software development, education and training, and systems engineering services. As a Senior Executive for the past 25 years at both small and mid-tier firms, he has managed operational groups in excess of $60M in annual revenues.
Before joining ATI, Mark served as Vice President at AAC Inc. where he directed the Federal Civilian Group. During Mark’s 10+ years at AAC, he managed both Civilian and DoD contracts and played a major role in growing the company’s business by more than 650%. Prior to AAC, Mark was the Vice President of Operations at Lloyd Lamont Design (LLD) for 11+ years. He has also had leadership roles with ManTech, SAIC and LD Research.
Mark graduated from Radford University with a B.S. in Business Management in 1986. He attended the Executive Program for Strategy and Organization at Stanford University as well as courses in Capture and Proposal Management from Shipley Associates. Mark is ITIL v3 Foundations certified.
Kristin Grimes is corporate counsel at Leidos, specializing in cyber issues from the program to enterprise level and throughout the Leidos supply chain. She advises stakeholders on data protection best practices, incident response, and all aspects of cyber regulatory compliance. Ms. Grimes is also responsible for industrial security, insider threat mitigation, and domestic and international investigations, including privacy implications. Prior to joining the legal department, Ms. Grimes spent ten years with SAIC/Leidos working operational and strategic counterintelligence, counterterrorism, and cyber issues for the U.S. Intelligence Community.
Ms. Grimes is an advocate for pro bono service and founder of the Leidos Pro Bono Program. She is also a member of the Intelligence and National Security Alliance (INSA) Legal Working Group and Insider Threat Subcommittee, as well as a Vice Chair for the American Bar Association Public Contract Law Cybersecurity, Privacy, and Data Protection Committee. Ms. Grimes received her J.D. from The George Washington University Law School and has a B.A. in Political Science/Japanese and an M.A. in International Relations from Seton Hall University.
Ron Ross is a Fellow at the National Institute of Standards and Technology. His focus areas include information security, systems security engineering, and risk management. Dr. Ross leads the Federal Information Security Modernization Act (FISMA) Implementation Project, which includes the development of security standards and guidelines for the federal government, contractors, and the United States critical infrastructure. His current publications include Federal Information Processing Standards (FIPS) 199 (security categorization), FIPS 200 (security requirements), and NIST Special Publication (SP) 800-39 (enterprise risk management), SP 800-53 (security and privacy controls), SP 800-53A (security assessment), SP 800-37 (Risk Management Framework), SP 800-30 (risk assessment), SP 800-160 Vol. 1 (systems security engineering), SP 800-171 (security requirements for nonfederal systems and organizations), SP 800-160 Vol. 2 (cyber resiliency), and SP 800-171A (security assessments for nonfederal organizations). Dr. Ross also leads the Joint Task Force, an interagency partnership with the Department of Defense, Office of the Director of National Intelligence, U.S. Intelligence Community, and the Committee on National Security Systems, with responsibility for the development of the Unified Information Security Framework for the federal government and its contractors.
Dr. Ross previously served as the Director of the National Information Assurance Partnership, a joint activity of NIST and the National Security Agency. In addition to his responsibilities at NIST, Dr. Ross supports the U.S. State Department in the international outreach program for information security and critical infrastructure protection. He has also lectured at many universities and colleges across the country including the Massachusetts Institute of Technology, Dartmouth College, Stanford University, the George Washington University, and the Naval Postgraduate School. A graduate of the United States Military Academy at West Point, Dr. Ross served in many leadership and technical positions during his twenty-year career in the United States Army. While assigned to the National Security Agency, Dr. Ross received the Scientific Achievement Award for his work on a national security project and was awarded the Defense Superior Service Medal. Dr. Ross is a four-time recipient of the Federal 100 award for his leadership and technical contributions to critical information security projects affecting the federal government and is a recipient of the Presidential Rank Award. He has received the Department of Commerce Gold and Silver Medal Awards and has been inducted into the National Cyber Security Hall of Fame. Dr. Ross has also been selected as an (ISC)2 Fellow and inducted into the Information Systems Security Association Hall of Fame receiving its highest honor of Distinguished Fellow.
Dr. Ross has received numerous private sector awards including the Partnership for Public Service Samuel J. Heyman Service to America Medal for Homeland Security and Law Enforcement, Applied Computer Security Associates Distinguished Practitioner Award, Government Computer News Government Executive of the Year Award, Vanguard Chairman’s Award, Government Technology Research Alliance Award, InformationWeek’s Government CIO 50 Award, Billington Cybersecurity Leadership Award, ISACA National Capital Area Conyers Award, ISACA Joseph J. Wasserman Award, Symantec Cyber 7 Award, SC Magazine’s Cyber Security Luminaries, (ISC)2 Inaugural Lynn F. McNulty Tribute Award, 1105 Media Gov30 Award, and three-time Top 10 Influencers in Government IT Security.
During his military career, Dr. Ross served as a White House aide and a senior technical advisor to the Department of the Army. He is a graduate of the Defense Systems Management College and holds Master’s and Ph.D. degrees in Computer Science from the U.S. Naval Postgraduate School, specializing in artificial intelligence and robotics.
Need an Incentive to Join SECAF? Join Today to Save $50!
- First - Join SECAF using Promo Code: JoinBy02.19.19
- Next - Register for the event at the member rate
- $45 Register by 7:00 pm on February 7
- $55 After 7:00 pm on February 7
NEW for SECAF Members! If you know someone who might want to join SECAF, invite them to attend an event with you at the member rate. When you register for an event, you will see a GUEST tab. Enter the email address of the guest followed by the first name, last name and company name. You can pay for both of you when you check out.