3rd Annual Symposium
Chief Information Security Officer, Central Intelligence Agency
Sherrill L. Nicely started her tenure as CIA’s Chief Information Security Officer in May 2012. She is responsible for overseeing the defensive posture of the Agency’s cyber security capabilities, including governing blue team assessments of agency IT for cyber security sufficiency. She ensures Cyber Security Group (CSG) provides appropriate advice and guidance to the Agency and IC to protect CIA digital information and cyber resources, develops and implements protective cyber countermeasures, and monitors the cyber security of Agency IT resources. She certifies all Agency IT systems, and recommends accreditation decisions to the Approving Official.
Prior to this assignment, Ms. Nicely served as the CIA’s Deputy Chief Information Officer, acting as the CIO’s alter ego to lead agency efforts to modernize Enterprise Information Technology (EIT), making information secure, accessible, and standardized. As Deputy CIA CIO, she performed critical leadership functions, including chairing governance boards to recommend EIT resource allocation, championing development of modern EIT Policy and guidelines, and leading CIO initiatives to improve technical capabilities for sharing information with foreign partners.
From April 2008 through August 2010, Ms. Nicely served as the Deputy Intelligence Community Chief Information Officer. In this role, she oversaw the budget and assisted in formulating improvements to digital information sharing throughout the Intelligence Community, with customers, warfighters and policymakers, and with our closest allied partners.
From 2006 through 2008, Ms. Nicely served as the Deputy Associate Director of National Intelligence for Intelligence Community Information Technology Governance (DADNI/ICTG), where she was responsible for formulating policies and guidelines to secure the Intelligence Community enterprise, including the provision of a single identity for Intelligence Community personnel, and improvements to mechanisms for providing role-based access to information. In addition, she led IC CIO activities supporting improvements to the Intelligence Community’s cybersecurity posture.
From June 2002 through January 2006, Ms. Nicely served as the Director for Information Assurance in the Office of the Intelligence Community Chief Information Officer (IC CIO), overseeing the community’s compliance with information assurance policies and requirements. From 1999 until joining the IC CIO staff, Ms. Nicely served as the CIA CIO InfoSec Liaison, representing CIA equities at many government fora. Ms. Nicely also served as the Information System Security Manager (ISSM) for CIA systems that share information with the Community. In this role, she was responsible for the overall security of the systems and sensitive information provided, as well as ensuring that CIA staff could collaborate with others.
Presentation Title: Living in Cyber Space
Abstract: Cyber Defense is a hard business. The odds are unfortunately stacked on an attacker’s side which often leaves the network defenders to play “catch up.” As the number and scope of breaches continue to increase, new defensive strategies are required. To be effective, organizations need a wide range of skills and techniques in their arsenal. The presentation will cover some of the key components and skills needed to build an effective cyber program.
Deputy Director and Cybersecurity Advisor, New Jersey Office of Homeland Security and Preparedness
Deputy Director Weinstein joined OHSP in August 2014, serving as New Jersey’s first Cybersecurity Advisor. Prior to joining OHSP, Deputy Director Weinstein served three years at US Cyber Command, where his portfolio covered cybersecurity operations, policy, and planning. Following his time at Cyber Command, he applied his experience to the private sector, where he consulted commercial clients on managing their cyber risk.
Deputy Director Weinstein has been recognized by Forbes magazine as a “top cyber-policy expert” and his analysis and commentary have been featured in numerous media and academic publications, including the Georgetown Journal of International Affairs, the US Naval Institute’s Proceedings, Foreign Affairs, Foreign Policy, CNN.com, and The Boston Globe.
Born and raised in Westfield, New Jersey, Deputy Director Weinstein holds a Bachelor’s degree from Johns Hopkins University and a Master’s degree from Georgetown University’s School of Foreign Service. He is currently a non-resident cybersecurity fellow with The New America Foundation.
Presentation Title: Promoting Statewide Awareness of Cyber Threats and Best Practices
Abstract: In May 2015, Governor Chris Christie established the New Jersey Cybersecurity and Communications Integration Cell, or NJCCIC, to serve as the State’s one-stop-shop for cyber threat information sharing and analysis. Its mission is simple: to promote statewide awareness of cyber threat and widespread adoption of best practices. By bringing together analysts and engineers to identify and respond to local cyber threats, the NJCCIC elevates the barriers to entry for cyber-criminals and reduces New Jersey’s cyber risks.
President, Miburo Solutions, Inc, Fox Fellow, Program on the Middle East, and Senior Fellow–Program on National Security at the Foreign Policy Research Institute
Clinton Watts is a Fox Fellow in FPRI’s Program on the Middle East as well as a Senior Fellow with its Program on National Security. He serves as the President of Miburo Solutions, Inc. Watts’ research focuses on analyzing transnational threat groups operating in local environments on a global scale. Before starting Miburo Solutions, he served as a U.S. Army infantry officer, a FBI Special Agent on a Joint Terrorism Task Force, and as the Executive Officer of the Combating Terrorism Center at West Point (CTC). His publications include: al Qaeda’s (Mis) Adventures in the Horn of Africa, Combating Terrorism Center, 2007 (Co-editor, Co-author); “Can the Anbar Strategy Work in Pakistan?” Small Wars Journal, 2007; “Beyond Iraq and Afghanistan: What Foreign Fighter Data Reveals About the Future of Terrorism?” Small Wars Journal, 2008; “Foreign Fighters: How are they being recruited?” Small Wars Journal, 2008; “Countering Terrorism from the Second Foreign Fighter Glut,” Small Wars Journal, 2009; and, “Capturing the Potential of Outlier Ideas in the Intelligence Community,” Studies in Intelligence – CIA, 2011, (Co-author). He is also the editor of the SelectedWisdom.com blog.
Presentation Title: Cyber Intelligence Fusion: People and Processes
Abstract: The explosion of cyber security attacks has challenged both public and private sector organizations an ever expanding spectrum of cyber actors seeking information for the conduct of crimes and political or social protest. Defenders of cyber networks simply can’t keep pace with the scale of attacks against their systems. Attackers innovate malware far too quickly and share their methods, far outpacing the protections put in place by defenders.
Cyber security focus largely aims to prevent cyber attackers gaining access to networks and systems by employing increasing layers of technology. The real solution for protecting networks from cyber intruders comes not from buying more technology, but instead from talented people that work through dedicated processes to preempt threats before they arise. Today, only through utilizing an intelligence-led information security approach can we meet the challenges of increasingly resilient and persistent cyber threat actors and their methods. Cybersecurity solutions today and in the future will be about people and processes more than technologies.
Special Agent, Cyber Division, Federal Bureau of Investigation
Brad Carpenter is an FBI Special Agent responsible for investigating computer intrusions targeting the financial industry in New York City. He has a productive background investigating financial crimes including money laundering and terrorist financing. Prior to his current role, he acted as the FBI NY Joint Terrorism Task Force (JTTF) Coordinator and was responsible for the FBI incident response to terrorist threats throughout New York City and at high profile Special Events. During his tenure with the FBI, Mr. Carpenter has also been assigned to the Boston Field Office, FBIHQ in Washington DC, US Embassy London, and several other international deployments. As an FBI Instructor, he has conducted domestic and international trainings on Anti-Money Laundering, Terrorist Financing, and Cyber Crime. Mr. Carpenter was a business development professional in the IT Sector, servicing Fortune 500 companies prior to his appointment as an FBI Special Agent.
Presentation Title:The Emerging Cyber Threat
Abstract: Over the last decade, the US has seen a surge in criminal and nation state activity via the use of the internet. Large amounts of money, intellectual property, personally identifiable information, and sensitive data have been exfiltrated from government agencies, private companies, and citizens at an alarming rate. The FBI, however, is postured to investigate and mitigate these criminal and nation state actors and has been increasingly successful with bringing cyber attackers to justice. The FBI leverages its over 100 year experience, its extensive foreign law enforcement relationships, and cutting edge technology to combat these emerging threats to the US and its citizens.
Symposium and Panel Discussion Moderator, Assistant Professor of Administrative Science, FDU
William M. Toms, Assistant Professor of Administrative Science, earned his doctoral degree in Human Resource Development at The George Washington University in Washington, DC. Dr. Toms is a retired Major from the New Jersey State Police where he commanded 800 persons in the Intelligence Section as well as the Investigations Branch, encompassing the organization’s high technology crime entities as well as the forensic laboratories for the State of New Jersey. Dr. Toms also served as Interim President of Brookdale Community College, which receives funding from the National Science Foundation (NSF) for its cyber security efforts. Both of these career experiences provided Dr. Toms with accreditation experience from accrediting bodies such as the Commission on Accreditation for Law Enforcement Agencies (CALEA) and the Middle States Commission on Higher Education (MSCHE). At FDU, Dr. Toms teaches in the graduate programs for homeland security, higher education, and administrative science. Dr. Toms is the coordinator of FDU’s chapter of the Order of the Sword and Shield National Honor Society. This national honor society is dedicated exclusively to homeland security, intelligence, and all protective security disciplines. In 2014, Dr. Toms presented at Naval Postgraduate School’s Annual Homeland Defense and Security Education Summit. The presentation was entitled, Cyber Security and the Need for Strategic Collaboration: A Case Study. In 2014, Dr. Toms also chaired, organized, and facilitated a symposium at FDU that included a focus on IT controls and cyber security threats in schools.