GOVTek Monthly Newsletter: Issue 60, August 2009

GTRA Council Meeting
Featured Blogger

ANDREW BLUMENTHAL
Chief Technology Officer
ATF

Enterprise Architecture Design
GTRA Council Meeting
GTRA Dec 6-8, 2009
Featured Speakers

ROBERT LENTZ
Chief Information Assurance Officer, Office of the Assistant Secretary of Defense, Networks and Information Integration/Chief Information Officer
DEFENSE

PAUL A. TIBBITS, MD

Deputy Chief Information Officer, Office of Enterprise Development
VETERANS AFFAIRS


KEN GRIFFEY
Chief Information Officer, Stennis Space Center
NASA


CHRISTOPHER GARCIA
Director, Cyber Security and Incident Response Center
FAA


TIM SCHMIDT
Chief Technology Officer

TRANSPORTATION



WALT OKON
Senior Architect Engineer,
Enterprise Architecture & Standards
DEFENSE

DR. SUZANNE ACAR

Principal Data Architect
DAS

DOREEN COX

Chief Architect
CUSTOMS & BORDER PROTECTION

PETER ALTERMAN
Senior Advisor for Strategic Initiatives
NATIONAL INSTITUTES OF HEALTH

PETER MELL
Cloud Computing Project Lead, Senior Computer Scientist
NIST


Solution Providers

Authernative

Core Security

Fortify Software

IronKey

GTRA Partners

AIM Global
CFOBook

CIOBook
CIOZone
FEAC Institute
GCIO

GOVBook

Graduate School USDA

ICT Council

IJIS

ISSA
Mansfield Sales Partners

NASCIO
NIEM

SOA Consortium

Telework Exchange

UCSA International



Top Headlines
White House Cyber Adviser Melissa Hathaway Resigns
Hathaway was viewed as the front-runner for the yet-to-be-appointed "Cyber Czar" role

NIST Releases 'Historic' Final Version of Special Publication 800-53e
This NIST collaboration with military and intelligence communities has provided the first set of security controls for all government information systems, including national security systems

The Army's Gary Winkler: Master of Change
Interview with the head of the Army's $8 billion modernization of core business systems

Acquisition Reforms Rush Forward While Top OFPP Seat Remains Empty
Obama has made it clear through memos and other actions that acquisition reform is critical, but his administration needs to appoint a chief of procurement if they want to make any real change

Featured News
Microsoft Exec Offers Tips for CIOs Moving to the Cloud
Former Microsoft CIO gives advice to federal CIOs about how to make a move to the cloud and discusses the benefits Cloud Computing can bring to an agency/department

Security Issues May Lead DOD to Ban Use of Social Media
Fear over giving hackers access to military networks is the driver behind a potential DoD-wide ban of social networking sites like Twitter and Facebook

FDsys Makes America's Documents Immediate and Permanent
Interesting case study of the Government Printing Office's content management system

New Alliance to Tackle Cloud Computing Standards
The group will focus on cloud computing and storage standards aimed at giving IT leaders trusted tools to implement cloud networks

The Promise and Perils of Data.gov Lie in the Metadata
Like most new technologies, metadata registries will take time to mature, so patience is needed until this occurs

McNamara: Give Info-Sharing Office More Authority
Outgoing Information Sharing Environment program manager McNamara said his office needs more control and budget authority in order to effectively meet its mission and objectives

Private Cybersecurity Commission to Continue
The group will expand on its original report and aim at providing more detail on next steps to support needs identified by Obama

Research and Publications
Press Release:  IronKey Unveils World's Most Physically and Cryptographically Secure USB Flash Drive
IronKey announced the launch of its S200 device for government and enterprise customers, featuring hardened physical security, the latest Cryptochip technology, active anti-malware and enhanced management capabilities.

Press Release:  Survey Reveals Employees Evade and Ignore Network Security Policies
There is a general lack of awareness and enforcement of security policies and procedures in companies today, according to new research announced by privacy and information management research firm, Ponemon Institute.

Press Release:  IronKey is the First and Only USB Storage Device to Achieve FIPS 140-2 Level 3 Validation
IronKey announced that its new IronKey S200 products are the first portable USB storage devices to gain full approval from the National Institute of Standards and Technology (NIST) for Federal Information Processing Standards (FIPS) 140-2, Security Level 3 validation.

White Paper:  Authentication-as-a-Service
Two-factor authentication (2FA) adds additional security to authentication and represents a higher level of trust between consumers and online businesses

White Paper:  How Service-Oriented Architecture (SOA) Impacts Your IT Infrastructure
Unlike previous types of architecture, SOA introduces changes that most IT organizations have not anticipated; you must ensure that your IT infrastructure can support the dynamic nature of an SOA

White Paper:  What Possible Computer Disasters Can Be Associated With "Cloud Computing"?
When something affects cloud storage, things can go disastrously wrong for many end users

White Paper:  Intelligent Solutions for the Social Web
Social networks need the ability to innovate freely, adapt quickly, and capitalize on every success, no matter how sudden or unexpected

Blog:  The IJIS Factor
Strategic Thinking for innovations in government through technology

Announcement:  NIEM 2009 National Training Event
The NIEM 2009 National Training Event promises to be the definitive training event on the National Information Exchange Model (NIEM) and information sharing

Announcement:  NIEM 2.1 Release
The much-anticipated release of National Information Exchange Model (NIEM) Version 2.1 is planned to take place prior to the National NIEM Training Event

Announcement:  The Best of NIEM Awards 2009
The NIEM Program is now accepting nominations to recognize NIEM implementation projects that demonstrate how intergovernmental collaboration and innovative technology deliver results that increase government transparency, improve performance, and enable civic engagement

Announcement:  Telework Exchange Fall Town Hall Meeting
The sixth Telework Exchange Town Hall Meeting will provide the opportunity for government and industry attendees to participate in an open dialogue on best practices in building and expanding telework programs within the Federal government.

GTRA Council Meeting
The GTRA Council Meeting is an invitation-only executive-level meeting
for government and IT leaders who come together to collaborate,
network, share best practices and lessons learned across the areas
paramount to achieving the goals and objectives set forth by the new
administration including:

  • Cloud Computing
  • Web 2.0
  • Cyber Security
  • Enterprise Architecture
  • Leadership

Over the course of three days, attendees will participate in roundtable discussions, presentations, live demonstrations and networking functions designed to focus on the topics most critical to supporting the areas mentioned above, including:

  • Information Sharing
  • Identity & Access Management
  • Transparency & Open Government
  • Social Networking
  • Project Management & Project Improvement
  • Cyber Terrorism & Cyber Warfare
  • The National GRID
  • Software-as-a-Service
  • Recovery Act
  • Portfolio & Program Management
  • Metadata
  • Knowledge Management
  • Acquisition Management
  • Infrastructure Optimization & Modernization
  • Net-Centricity
  • Geospatial
  • Privacy
  • Leadership
  • IT & Business Collaboration
  • Virtualization
  • Mobile/Wireless
  • Green IT & Sustainability

Over the course of three days, cutting-edge curriculum is delivered by
government and industry leaders through a dynamic blend of
presentations, panels, live demonstrations, roundtable discussions, and
boardroom meetings designed to be highly interactive and facilitate
information exchange at the executive level. Complementing the
curriculum, a heavy focus on networking functions is designed to foster
and solidify peer relationships through collaborative banquets,
networking events, cocktail receptions and entertainment.


RSVP TODAY FOR EARLY DISCOUNT RATE:
Pre-Register by Sept. 1st,
Pay Only $399!

Government Tuition Includes:
  • Access to All
    Sessions
  • Earn FEAC & GTRA CEUs
  • Breakfast, Lunch & Dinner
    Banquets
  • Access to Presentations
    Post-Event
  • Customized Itinerary Agenda
  • Networking, Receptions,
    Entertainment
  • Special Workshops
  • Recorded Broadcast Sessions
  • Collaborate Prior To and After the Event
    With Speakers!
DefenseGOV
 
New DefenseGOV Program!  Promoting Civilian, Defense and Intelligence Agency Collaboration

 As meeting our country's National Security objective can only be
achieved through true government-wide collaboration between Civilian,
Defense and Intelligence agencies, GTRA is excited to announce the
addition of a DefenseGOV program to the December 2009 GTRA Council
Meeting, focusing on addressing the needs and concerns facing IT
executives responsible for National Security in a Digital Age. Key
topics include:

  • Net-Centricity
  • Cyber-Terrorism
  • Information Sharing
  • Identity Management
  • Risk Management
  • Infrastructure Modernization
  • Geospatial
  • Social Networking / Web 2.0
  • Service Oriented Architecture

CALL FOR SPEAKERS & COUNCIL MEMBERS!
GTRA is conducting curriculum development research for the GTRA Council Meeting December 6-8 www.GTRACouncilMeeting.org

We encourage our members to participate in creating this program. Please submit papers or speaker recommendations for federal CXOs and other IT leaders to join the program and GTRA Council!
 
Parham Eftekhari
Director of Research

773.517.8534 (mobile)
parhame@gtra.org

Security Seminar - FREE for GTRA Members!

Best in Class Security Solutions Seminar:  Cyber
Security, File Attribution & Anti-Phishing

Brought To You By:

GTRA, PhishMe, Guidance Software


DATE:  October 8, 2009, 9:00am

LOCATION: 1701 Pennsylvania Ave NW Ste 300, Washington DC 20006
COST:  FREE for GTRA Members ($99 for Non-Members)
INCLUDES:  Access to Live Demonstrations and Sessions, Breakfast and Lunch Reception, Post-Event Access to Content, Discussions, and Resources via GTRA Members Portal


Spear Phishing: Can Your Workforce Dodge the Hook?
 

Rohyt Belani
President & CEO
PhishMe.com

A recent research report (by iDefense labs) indicated
that over 15,000 employees have fallen prey to spear phishing attacks over the
last 15 months. This is attributable to the increased sophistication of these
types of attacks, lack of employee awareness, and the failure of reactive
technologies in addressing the threat. In this session, we will provide
perspective on the problem by discussing the anatomy of a real phishing attack
that we responded to; one that almost brought down critical infrastructure used
for power generation. Following the case study, we will demonstrate
PhishMe.com, a Software-as-a-Service solution designed to help prevent damage,
theft and loss caused by targeted phishing attacks through innovative employee
training. PhishMe facilitates and automates the execution of mock phishing
exercises (that emulate real spear phishing attacks) against your workforce,
provides clear and accurate reporting on user behavior, and most importantly
provides instant, targeted employee training to those found susceptible.
This method of training employees is recommended by SANS, proven to
be most effective by researchers at Carnegie Mellon University, has been used
effectively at the US Military Academy - West Point, and can be easily
implemented in your organization.


File Attribution Best Practices - File Hashing vs File Entropy

Jim Butterworth
Senior Director of Cyber Security
Guidance Software

There is great value in unambiguous detection of specific
files, yet there are many situations where you would like to find files that
are similar to the files in a set, but not identical. For instance:


  • Document versions: Documents that
    have been changed slightly will have a completely different hash value. If you
    have a copy of a document, simply opening the document and saving it again,
    without making any changes to the text, is usually enough to change the hash
    value of the document, due to the changing values of the embedded meta-data.
  • Polymorphic malware: The executable "mutates" itself slightly as it spreads throughout the
    network, in order to defeat hash-based detection schemes.  Every copy of
    the file on the network has a different hash value, making detection and
    cataloging difficult.
  • Different builds of executables: Executables that have the same source code, but are compiled with
    different settings, or with a different version number, will have distinct hash
    values.
  • Email Threads:  Email software often concatenates "quoting" sequences to an email
    body when you reply or forward the email. Although the text is "essentially
    the same" those characters will change the hash of the text, making it
    tough to identify in an automated fashion.

Although there are many uses for the classic hash value,
there are many situations where its "all or nothing" character makes
it unsuitable. In this session, Jim Butterworth, Sr. Director of Cyber
Security with Guidance Software, will show how and why Entropy processing
technology can be used in the above use cases.


Confirmed Council Members & Speakers

Dr. Suzanne Acar, Principal Data Architect, DAS (Speaker & Enterprise Architecture Council) 
Deedee Akeo, Chief Architect, Business Transformation Agency (Enterprise Architecture Council) 
Lynn Allen, Deputy Chief Information Officer for Business and Technology Modernization, HUD (Security Council) 
Dr. Peter Alterman, Deputy Associate Administrator for Technology Strategy, Office of Government-wide Policy, GSA (Security Council)
Gregg "Skip" Bailey, Former Chief Information Officer, ATF, Justice (Enterprise Architecture Council)
Frank Bauer, Vice President for Government Training and Professional Development, Graduate School, USDA (HR Council)
Dr. Scott Bernard, Deputy Chief Information Officer, Federal Railroad Administration, Transportation (Enterprise Architecture Council)
Andrew Blumenthal, Chief Technology Officer, ATF, Justice (Enterprise Architecture Council)
Dr. W. Stan Boddie, PMP, CISSP, Professor of Systems Management, Information Resource Management College, NDU (HR Council)
Dr. Barry Brown, Deputy Director, Enterprise Systems Engineer, Customs and Border Protection, DHS (Enterprise Architecture Council)
Richard "Dick" Burk, Chair, Health IT Committee, GTRA (Health IT Council)

Jonathan Cantor, Executive Director, Office of Privacy & Disclosure, Office of the General Counsel, SSA (Security Council)
Michael Castagna, Chief Information Security Officer, Commerce (Security Council)
Marian Cody, Chief Information Security Officer, HUD (Security Council)
Colleen Coggins, Chief Knowledge Officer, Interior (Enterprise Architecture Council)
Doreen Cox, Chief Architect, Customs & Border Protection Department, DHS (Speaker & Enterprise Architecture Council)
Elisa Cruz, Chief Information Security Officer, FEMA (Security Council)
Linda Cureton, Chief Information Officer, NASA (Enterprise Architecture Council)
Kevin Deeley, Chief Information Security Officer, Justice (Security Council)
Brian Doerk, Senior Enterprise Architect, PMP, Treasury (Enterprise Architecture Council)
Steve Elky, Chief Information Security Officer, Library of Congress (Security Council)
Norman Enger, Former Director, Human Resources Line of Business Program Management Office, OPM (HR Council)
Frederic Foley, Chief Architect and Director of Enterprise Architecture, US Coast Guard (Enterprise Architecture Council)
Ylanda Ford, Director, Enterprise Architecture, OCIO, HUD (Enterprise Architecture Council)
Christopher Fornecker, Chief Technology Officer, Integrated Acquisition Environment, GSA (Enterprise Architecture Council)
Sharon Fratta-Hill, Ph.D., VP of Academic Programs and Continuing Education, Graduate School, USDA (Enterprise Architecture Council)
Christopher Garcia, Director, Cyber Security and Incident Response Center, FAA (Speaker & Security Council)
Ned Goldberg, Chief Information Security Officer, FDIC (Security Council)
Ken Griffey, Chief Information Officer, Stennis Space Center, NASA (Speaker & Enterprise Architecture Council)
Ira Grossman, Chief Enterprise Architect, Federal Emergency Management Agency (Enterprise Architecture Council)
Chris Hardy, Director, e-Learning and Technology Center, DAU (HR Council)
Brad Harshman, Chief Enterprise Architect, National Nuclear Security Administration, Energy (Enterprise Architecture Council)
Kenneth Heitkamp, Assistant Chief Information Officer for LifeCycle Management, Air Force (Security Council)
Dennis Heretick, Former Chief Information Security Officer, Justice (Security Council)
Randolph C. Hite, Director, IT Architecture & Systems Issues, GAO (Enterprise Architecture Council)
Patrick Howard, Chief Information Security Officer, NRC (Security Council) 
Marlene Howze, Chief Architect/Enterprise Architecture Program Manager, Labor (Enterprise Architecture Council)
Jack Israel, Chief Technology Officer, FBI (Security Council)
James Johnson, Chief Information Officer, Congressional Budget Office (Enterprise Architecture Council)
Richard Klemmer, Chief Enterprise Architect, NTIA, Commerce (Enterprise Architecture Council)

Mischel Kwon, Director, US-CERT, DHS (Security Council)
Mary Lacey, Deputy Program Director, AEGIS Ballistic Missile Defense, Missile Defense Agency (Security Council)
Neela Lakhmani, Assistant Director, Information Technology Architecture & Systems Issues, GAO (Speaker)
Kevin Lawson, Branch Chief, Applications Development Branch, TSA (Enterprise Architecture Council)

Robert Lentz, Chief Information Assurance Officer, Office of the Assistant Secretary of Defense, Networks and Information Integration / Chief Information Officer, Defense (Speaker)
Phillip Loranger, Deputy Chief Information Security Officer, Education (Security Council)
Jay Mahanand, Deputy Chief Information Officer / Chief Technology Officer, US Mint (Enterprise Architecture Council)
Randy Maples, CEA, Deputy Chief Information Officer - Management, FTC (Enterprise Architecture Council)
Ethel Matthews, Senior Advisor to Chief Information Officer, Security and Privacy, SBA (Security Council)
Mary McCaffery, Senior Advisor, Assistant Administrator, EPA (Enterprise Architecture Council)
Michael McFarren, Senior Principal, Information Systems Engineer, MITRE (Speaker & Enterprise Architecture Council)
Debra McKeldin, Chief Enterprise Architect, Centers for Medicare and Medicaid Services, HHS (Enterprise Architecture Council)
John McManus, Former Deputy Chief Information Officer and Chief Technology Officer, Commerce (Enterprise Architecture Council)
Margaret Mech, Chief Information Security Officer, FTC (Security Council)

Peter Mell, Cloud Computing Project Lead, Senior Computer Scientist, NIST (Speaker)
Matt Newman, Professor of Systems Management, NDU (Enterprise Architecture Council)
Jillian O'Connell, Chief, Enterprise Investment and Information Management, US Geological Survey (Enterprise Architecture Council)
Walt Okon, Senior Enterprise Architect, DoD Enterprise Architecture & Standards Directorate, Defense (Speaker & Enterprise Architecture Council)
Bajinder Paul, Chief Information Officer of the Office of the Comptroller of the Currency, Treasury (Enterprise Architecture Council)
Richard Prentiss, Chief Information Security Officer, Office of Thrift Supervision, Treasury (Security Council)
Ken Rogers, Director of Enterprise Architecture and Strategic Planning, State (Enterprise Architecture Council)
Joe Rose, Chief Architect, Education (Enterprise Architecture Council)
Larry Ruffin, Chief Information Security Officer, Interior (Security Council)
Timothy Ruland, Chief Information Security Officer, Census Bureau (Security Council)
Peter Sand, Director of Privacy Technology, DHS (Security Council)
Dr. Ronald Sanders, Associate Director of National Intelligence for Human Capital, Chief Human Capital Officer, DNI (HR Council)
Daniel Sands, Chief Information Security Officer, Director, Information Security and Awareness Office, OCIO, National Institutes of Health, HHS (Security Council)
Marco Santini, Deputy Director, Customer Accounts & Research, GSA (HR Council)
Daud Santosa, Chief Technology Officer, National Business Center, Interior (Enterprise Architecture Council)
Derek Scarbrough, Chief Information Officer, Institute of Museum and Library Services (GTRA Council Member)
Michael Schievelbein, Project Manager & Solutions Architect, Solutions Coordination Office, National Business Center, Interior (Enterprise Architecture Council)
Tim Schmidt, Chief Technology Officer, Transportation (Speaker & Mobile/Wireless Council)
Frederick Schobert, Chief Technology Officer, Federal Acquisition Office's Integrated Technology Services, GSA (Enterprise Architecture Council)
Joe Seger, Deputy Chief Information Security Officer, Interior (Security Council)
Donna K. Seymour, Deputy Assistant for Administration for the Under Secretary of the Navy, Navy (Enterprise Architecture Council)
Rene E. Smeraglia, Chief Information Security Officer, US Mint, Treasury (Security Council)
David Stender, Associate CIO for Cybersecurity, Chief Information Security Officer, IRS (Security Council)
John Sullivan, Chief Architect and Associate Director, EPA (Enterprise Architecture Council)
Peter Sullivan, Director, Office of the Chief Information Officer, Labor (Enterprise Architecture Council)
Eric Sweden, Chief Enterprise Architect, NASCIO (Enterprise Architecture Council)
Harry Tabak, Enterprise Architect, National Weather Service (Enterprise Architecture Council)
George Thomas, Chief Enterprise Architect, GSA (Enterprise Architecture Council)
James Trinka, Director, Training and Technical Development, FAA (HR Council)
Arleas Upton-Kea, Director, Division of Administration, FDIC (HR Council)
Tan Van Luong, Chief Enterprise Architect, US Mint, Treasury (Enterprise Architecture Council)
Brian Wilczynski, Director, Enterprise Architecture & Standards, Defense (Enterprise Architecture Council)
Dennis Wisnosky, Chief Architect, Chief Technical Officer, Business Mission Area, Defense (Enterprise Architecture Council)
Paul Wormeli, Executive Director, Integrated Justice Information Systems Institute (Enterprise Architecture Council)
Col. Douglas Wreath, Director, Net Centric Operations Division, Joint Planning and Development Office (JPDO) (Enterprise Architecture Council)
Dr. Robert "Rocky" Young, Associate Professor of Systems Management, NDU (Enterprise Architecture Council)
David Zeppieri, Chief Information Officer, Overseas Private Investment Corporation (Enterprise Architecture Council)

Become a GTRA Member

SIGN UP TODAY FOR A FREE GTRA MEMBERSHIP!
Collaborate, Share Ideas, Network With Your Government Technology
Peers! 

CREATE YOUR OWN BLOG
Register to become a GTRA Member and share your ideas with and receive feedback from the community via
your own personal GTRA.org blog.


Please don't hesitate to contact us should you have any questions or
need assistance, and I look forward to seeing you in December!
 
Warm Regards,
 

Deborah Kay


Government Technology Research Alliance (GTRA)

202.248.5411 Office
202.536.3179 Direct
312.399.7341 Mobile
202.351.0569 Fax
deborahk@gtra.org
www.GTRA.org
www.GTRASymposium.org
 

GTRA - Revolutionizing the way Government & Technology Collaborate

 

Save $600!

RSVP for the GTRA Council Meeting before Sept 1st and pay only $399, a 60% discount off
of the regular tuition price. CLICK HERE to pre-register now!

 
*For non-government and industry sponsor participation please contact kellyy@gtra.org

Offer Expires:  Sept 1, 2009