Cybersecurity: Protect, Detect and Respond

Cloud computing, mobile devices, the Internet of Things, and the increasing digitization of information and processes are pushing agencies toward a hybrid computing environment. This is when agencies have a mix of on premise and commercial cloud infrastructures.

Among the challenges these hybrid environments present are around securing your data.

On one hand, experts say moving non-mission critical systems and data to the public cloud offers flexibility and agility with little worry.

On the other hand, experts also say keeping mission critical on-premise or in a government only commercial cloud helps with peace of mind and confidence that your systems are secure.

But at the same time, running a hybrid IT environment could create line of sight problems between both on-premise and cloud systems. Cyber professionals can see what’s happening on internal systems or external systems, but not both, especially when data is shared among the two environments.

The dual environments also create cyber challenges for securing mobile devices.

This is why emerging approaches to cybersecurity such as automation and machine learning can give agencies the eyes and ears that they otherwise wouldn’t have in trying to secure the dual environments filled with an ever-increasing number of end points and therefore threats.

To move to and secure this hybrid environment, agencies have a lot to consider, including workforce training and how best to use data analytics.

 

Moderator

Jason MillerJason Miller

Jason Miller is a reporter whose work focuses mainly on technology and procurement issues, including cybersecurity, e-government and acquisition policies and programs.

 

Panelists

Marlon Andrews, Deputy Chief Information Officer, National Archives and Records Administration

Mr. Andrews as Deputy CIO of NARA works to maintain world class technology operations for internal and external customers, oversee information security, integrate Cloud-based service solutions, and reduce costs. Marlon provides strategic oversight of NARA’s nationwide technology infrastructure, and in the absence of the CIO, will manage the day-to-day functions of Information Services. Mr. Andrews will also work to develop policy, upgrade current technology and implement mobile solutions.

Mr. Andrews came to NARA from the City of Alexandria, where he served as Deputy Director and Chief Information Security Officer. He is an accomplished senior manager with over 15 years experience in leading IT engineering groups for both the Federal Government and the private sector. He has proven experience in implementing complex technology projects and a proven track record for mentoring junior IT professionals.

Mr. Andrews holds a Bachelor of Science degree in Healthcare Management from Southern Illinois University as well as an MBA from Webster University. He also holds numerous IT certifications, including the Certified Information Systems Security Professional (CISSP), Project Management Professional (PMP) and Microsoft Certified Solutions Expert (MCSE). In 1999. Mr. Andrews was honorably discharged from the United States Navy after eight years, which included duty in the Persian Gulf, Haiti and other locations around the world.

Mr. Andrews is a Washington DC resident residing in the Trinidad neighborhood of NE.

 

Guy Cavallo, Deputy Chief Information Officer, Small Business Administration

Guy Cavallo joined SBA as the Deputy CIO, moving from TSA where he was the Executive Director for IT Operations.  His career has been almost evenly split between the private and public sectors.  Before rejoining the federal government, he spent 13 years in the private sector specializing in implementing new technologies in government organizations, with nine of those years as a Senior Government Technology Advisor at Microsoft Corporation.

Earlier in his career his private sector experience included starting his own small business to develop and deliver computer training for business users.  His firm, Executive Computer Training Centers, was recognized by PC Week magazine as one of the nation’s leading training companies at the time.

Cavallo’s previous government leadership positions at TSA, the Corporation for National Service, the Securities and Exchange Commission, and the City of Charlotte, NC have provided him with an extensive government enterprise technology background to bring to the SBA Deputy Director’s role.   At TSA he led the transformation of the IT organization from being hardware and data center centric to being customer focused using innovative technology solutions based such as the cloud and agile practices.  At the Corporation for National Service he led all technology efforts in the launch of this new federal agency.  At the City of Charlotte, NC he revamped the entire IT organization and successfully led the updating to current technologies in an organization that was significantly behind the times.

Throughout his public and private sector careers, Cavallo has been recognized as an innovative technology leader and has received numerous awards, including winning seven major customer awards at Microsoft and being selected for the Federal 100 for his accomplishments at the Corporation for National Service.  Since returning to the federal government, he has been nominated for the FedScoop 50 awards for being a: Technology Disruptor (2016); and for Federal Leadership (2015).

 

Jay Huie, Director, Secure Cloud Portfolio, Technology Transformation Service, U.S. General Services Administration

Jay Huie has spent over 15 years guiding the evolution and adoption of technology within federal and enterprise environments. His expertise includes bringing a multi-discipline approach to help agencies achieve their missions. He currently serves as the Director for the GSA TTS Secure Cloud Portfolio, which includes the FedRAMP program. The mission of the Secure Cloud Portfolio is to accelerate cloud adoption, build connections between government and industry as well as build partnerships between the two in service of ensuring agencies are more effectively able to achieve their missions. Most recently, Jay has been tasked to lead the GSA’s Cloud Adoption Center of Excellence supporting the White House Office of American Innovation. In this role, he will build specific capabilities to assist efforts by government agencies to leverage modern technology and cloud services.

Jay has had experience as a developer, system administrator, policy wonk, architect, and technology executive. He previously worked at 18F where he enjoyed, “balancing traditional and the modern techniques for realizing the results we all hope to have for our nation.” Prior to GSA, Jay was a Chief Technology Officer, working with agencies such as the Federal Reserve Board, Department of Energy, and Department of State to establish and manage initiatives including data management services, cloud computing infrastructure, and strategic governance through the practical application of enterprise architecture and capital planning and management activities.

“I have always felt the desire to integrate capabilities across Government, and promote a collaborative approach to our collective mission to provide services and opportunities for the public,” Jay said. “I am driven by a desire for ‘infinite ROI’ where one agency problem can be solved by another agency’s existing program – if only the dots are connected, and the bridges built.”

 

Susie Adams, Chief Technology Officer, Microsoft Federal

Susie Adams is the Chief Technology Officer for Microsoft’s Federal Government business and brings with her over 30 years of IT experience.  Susie joined Microsoft in 1999 and has held several leadership positions in Microsoft including the Director of the Microsoft Reston Virginia Technology Center and most recently the CTO of the Federal Civilian Business. Prior to joining Microsoft, she spent 16 years in the consulting arena working with customers in both the commercial and government sectors.  She held a variety of management and leadership roles including practice manager, systems analyst and software developer.   Susie is a past Fed100 award winner and has authored several books on the topics of software integration and web development.   Susie is a graduate of George Mason University where she received a BS in Information Systems.

 

Dr. Matthew McFadden, Cybersecurity Director, CSRA

As CSRA’s Cybersecurity Director, Dr. Matthew McFadden spearheads cyber security-related projects in the health, civilian, defense, Homeland Security, and Intelligence Community and with our partners develops repeatable offerings and capabilities to solve our customer mission challenges.  He is responsible for improving cyber awareness, training, protection and skills within CSRA’s 1,500 cybersecurity-focused professionals as well as promoting thought leadership as a way to display CSRA’s cybersecurity qualifications.

As an industry recognized expert, most recently, Dr. McFadden served as Chief Technologist for the Defense Innovation Cell, which provides expertise and innovation to customers in the Department of Defense. There, he supported CSRA’s Defense Cyber Crime Center’s (DC3) Defense Cyber Investigations Training Academy (DCITA) program for the past nine years.

Prior to his tenure at CSRA, Dr. McFadden supported the company’s legacy cyber practice with Computer Sciences Corporation (CSC) as a Distinguished Engineer in the Office of the Chief Technology Officer.

Dr. McFadden has undergraduate and master’s degrees from the University of Advancing Technology in Tempe, Arizona and received his Doctorate of Computer Science from Colorado Technical University. He is also a published author, presenter, and researcher, and holds numerous industry IT certifications. Dr. McFadden was the team captain of CSRA’s winning Palmetto Cyber Defense Competition teams (2016 and 2017).