Additional Event Recaps

CCEI FALL 2017 SYMPOSIUM - CYBER AT THE CROSSROADS

---

On October 10, 2017, the Cyber Center for Education & Innovation (CCEI), Home of the National Cryptologic Museum (NCM) partnered with the University of Maryland University College (UMUC) to host Cyber at the Crossroads, a one-day symposium of renowned national cybersecurity leaders, including experts from past and current administrations, the U.S. military, industry, and academia for a discussion of the past, present, and future of the security of our nation’s cyber infrastructure. The symposium was held in Adelphi, MD and was an associated event of CyberMaryland 2017. See photos from the event located below - as well as background information about the program and the full agenda. Many thanks to those on Twitter who shared photos from the event.

Please see this related article for FCW.com by William Cohen: The 20-Year Climb to an Elevated Cybercom: How a 1997 Military Exercise Sparked the Eventual Creation of a Unified Combatant Command for Cyber.

About the Symposium

Events in 1997 and 1998 demonstrated gaps in the ability of the U.S. government to detect and respond to an attack on its information systems and uncovered the vulnerabilities of our national critical infrastructure to coordinated cyber attacks. The 1997 Department of Defense Exercise Eligible Receiver 97 (ER97) is widely viewed as a stark and alarming institutional wakeup call, and a series of real-world cyber events which followed seemed to validate many of the observations from ER97. The national initiatives and organizational changes that these events set in motion—including the publication of Presidential Decision Directive 63 (Critical Infrastructure Protection), the establishment of the National Infrastructure Protection Center, and the creation of a military command structure that is the predecessor to U.S. CYBER COMMAND—are still playing out today. (See a related article by William S. Cohen published on FCW.com on 10/9/2017.)

This summer marks the 20th anniversary of ER97, and many believe that today we are at a crossroads with regard to cyber as an underpinning of our military, economic, financial, and political systems. In the 20 years since ER97, what progress have we made regarding the security of our cyber-enabled systems? Are we becoming more secure, or are we losing ground?

With the benefit of 20 years’ experience and recently declassified material, this symposium will explore the roots of ER97 and the resulting initiatives; look at applications to today’s cyber issues and highlight some important choices facing us; explore some alternative cyber futures; and discuss current administration initiatives to secure America’s cyber infrastructure.

SYMPOSIUM CHAIRMAN
Lt. Gen. Ken Minihan (U.S. Air Force, Ret.)
Director, National Security Agency (1996–1999)
Chairman, CCEI-NCM Founders Group

KEYNOTE SPEAKERS
* Rob Joyce, White House Cybersecurity Coordinator
* Dr. Thomas Rid, Professor of Strategic Studies, Johns Hopkins University School of Advanced International Studies
* Dr. John Hamre, President and CEO, Center for Strategic and International Studies (Deputy Secretary of Defense (1997–2000)

***LEARN ABOUT THE SYMPOSIUM SPEAKERS***

PANEL TOPICS
Past – What did ER97 tell us about the state of our cyber defenses and what actions resulted?
Present – What progress have we made in 20 years in key areas of organization, training and education, and what important choices face us today?
Future – How will an interconnected world change our laws, policies, governance and international norms that underpin the stability of the global cyber systems on which we depend?

***SEE THE FULL AGENDA BELOW***

AGENDA

AGENDA

Cyber at the Crossroads
Cyber Center for Education & Innovation, Home of the National Cryptologic Museum
Fall Symposium
University of Maryland University College
College Park Marriott Hotel & Conference Center
Tuesday, October 10, 2017
8 a.m.–6:30 p.m.

REGISTRATION AND CONTINENTAL BREAKFAST
8–9 a.m. | Lobby

WELCOME AND SYMPOSIUM OVERVIEW

9–9:30 a.m | Chesapeake Salons A & B

Symposium Welcome

Lt. Gen. Ken Minihan (U.S. Air Force, Ret.)

Symposium Chair

Chairman, CCEI-NCM Founders Group

Greetings

President Javier Miyares
University of Maryland University College

Symposium Overview

Lt. Gen. John Campbell (U.S. Air Force, Ret.)
Senior Advisor, CCEI-NCM
 

PANEL ONE - ELIGIBLE RECEIVER 97: A WAKEUP CALL

9:30 a.m.–10:45 a.m. | Chesapeake Salons A & B

Exercise Eligible Receiver 97 (ER97) demonstrated that the US Government was ill-prepared to detect and defend against even a moderately sophisticated cyber attack.  ER97 alarmed key leaders in DOD and the Interagency and set in motion events that are still playing out, including new cyber policy and new organizational structures which were the predecessors of today’s US Cyber Command.  John Hamre, Deputy Secretary of Defense in 1997, famously said “Just like Sept. 11 changed our consciousness about the vulnerability of airplanes, Eligible Receiver changed our consciousness about our vulnerability to cyber warfare”.  This panel, made up of individuals directly involved with the 1997 exercise, will act as a scene-setter for the symposium and discuss how the exercise was conducted, what it revealed, what actions resulted, and how today’s cyber initiatives are still being influenced by ER97 lessons learned.  

Moderator

Professor Jason Healey (invited)
Senior Research Scholar, Columbia University
Senior Fellow, Atlantic Council

Session Speakers

Lt. Gen. Ken Minihan (U.S. Air Force, Ret.)
Director (1996-1999)
National Security Agency
Managing Director Paladin Capital Group

CAPT Michael Sare (U.S. Navy, Ret.)
Director
ER97 Red Team

Mrs. Roberta Stempfley
Director, Cyber Strategy Implementation
The MITRE Corporation
Assistant Secretary, Office of CyberSecurity and Communications, DHS (2010-2015)

Lt. Gen. John Campbell (U.S. Air Force, Ret.)
Commander (1998-2000)
Joint Task force – Computer Network Defense
Senior Advisor, CCEI-NCM

BREAK

10:45–11 a.m. | Chesapeake Salon C

MORNING KEYNOTE

11 a.m.–12 p.m. | Chesapeake Salons A & B

Keynote Speaker

Dr. John Hamre
President and CEO
Center for Strategic and International Studies (CSIS)
Deputy Secretary of Defense (1997–2000)

Dr. John Hamre was the deputy secretary of defense during ER97 and provided senior supervision of the exercise as well as the visionary DOD leadership needed to enact organizational and doctrinal changes to address its findings.  In his post-DOD career as chairman and CEO of CSIS, Dr. Hamre has been a leader in the evolution of our national cybersecurity strategy.  Dr Hamre will discuss his perspectives on the exercise, what it showed us, and what effects it has had on our current national cybersecurity enterprise.  With more than two decades of national cybersecurity leadership, Dr Hamre is uniquely qualified to comment on our past, present, and future.

LUNCHEON KEYNOTE

12–1:15 p.m. | Potomac Salons 1 & 2

CCEI-NCM Overview

MGEN Rod Isler (U.S. Army, Ret.), Vice President, CCEI-NCM Campaign

Keynote Speaker TBD

BREAK

1:15–1:30 p.m. | Chesapeake Salon C

PANEL TWO - CYBER ORGANIZATION, EDUCATION AND TRAINING: IMPERATIVES TO DEAL WITH PRESENT AND EVOLVING THREATS

1:30–2:45 p.m. | Chesapeake Salons A & B

Session Overview

In the wake of ER97 and other real-world cyber events over the past 20 years, the cyber threat has become broadly recognized, and the nature of the threat has continued to evolve. Today its scope and scale have expanded to touch nearly every aspect of our interconnected society.  Employed by hackers, criminals, terrorists, transnational and nation-state sponsored groups, the target set has expanded from basic communications services to include most every service and critical infrastructure that relies on information technology. In addition, cyber-enabled information operations are a powerful tool to influence public opinion and, as a consequence, public policy. However, while virtually every institution and equity in daily life has been influenced by some aspect of the expanded “cyber threat,” the responses of such organizations have been dissimilar and uneven. There is a continually growing need for development of expert practitioners to manage technology systems engaged in these processes, and to inoculate society broadly against the effects of systemic disinformation, media manipulation, and attack on fundamental institutions of society. Some say that we have already seen the “golden age of the Internet” when it was possible to conduct business and control industrial processes safely and reliably.  Are we now at an inflection point—or crossroads—in the evolution of our cyber ecosystem?  If so, what issues are important today to set conditions for success in the future? This broadly based panel will seek to examine the current state of readiness, response, and planning to address the range of cyber-related concerns and priorities across government, industry, and academia.

Moderator

ADM William O. Studeman (U.S. Navy, Ret.)
Deputy Director of Central Intelligence (1992–1995)
Director, National Security Agency (1989–1992)

Speakers

Hon. Steven Cambone
Undersecretary of Defense for Intelligence (2003–2007)

MGEN John Davis (U.S. Army, Ret.)
Chief Security Officer, Palo Alto Networks
Acting Deputy Assistant Secretary of Defense for Cyber Policy (2014–2015)
Former Director, Current Operations, US Cyber Command (2013–2015)

BREAK

2:45–3 p.m. | Chesapeake Salon C

PANEL THREE: A CONVERSATION ON CYBER FUTURES

3–4:15 p.m. | Chesapeake Salons A & B

Our cyber future seems to be on a course to be shaped by market forces and technological innovation with minimal direction from consistent and current policy oversight. Projections are that in just a few years, the Internet will connect much more than computers, phones, and laptops; in fact, nearly every sensor and control device which exists will be online. Cars, refrigerators, televisions, household appliances, cameras, aircraft, and even your wallet—along with sophisticated analytic engines and weapons systems—will all be connected online.  As ubiquitous as the Internet of Things (IoT) is today, in the future, billions more devices will communicate with each other in ways that will open up new levels of revenue and advertising streams. The IoT will also open up new opportunities for malevolent actors to use this world of interconnected devices to gain an even greater asymmetric advantage in a broad range of business, government, and military mission arenas.

Smart cities, where sensors and GPS tracking facilitate smoother flows of traffic.

Infrastructure sensors and control nodes that monitor equipment condition, send alerts when repairs are needed, and provide access for remote maintenance and control.

Smart appliances, working with smart electric grids, that run themselves or perform their chores after peak loads subside.

Self-driving cars—and potentially pilotless aircraft and drones—that dispatch themselves and navigate independently.

The IoT is here today and the Internet of Everything (IoE) is on the horizon. These are just a few examples that humans will have to adjust to.

"Nearly everything in daily life will have a connected application associated with it,” said Patrick Stack, manager for Accenture Interactive. “We can think of each person as a plug and each part of life as a socket.… Each step along the way will be able to recognize your common identifier and tailor your experience accordingly."

And it’s not just the humans; machines are also doing the same, communicating, self-organizing, and sharing information with each other and with us, over essentially the same complex and connected global mesh. And, they already outnumber us.

But is the future already determined?  Is ever greater networking of society inevitable?  Will the rising costs of a connected society—disruptions of increasing magnitude, the loss of control over the most intimate personal information, a growing skepticism about the security of systems and the information they convey—engender a reflective caution and deliberate limits across society on what is connected, where sensors are deployed, and what information is collected? These same questions have informed strategic discussions about weapons development, where certain weapons have been banned by treaty because, while possible, their development and deployment were judged to be destabilizing. Could a similar logic of limits inform our cyber future?

Moderator

Mr. Scott Charney
Vice President, Microsoft’s Trustworthy Computing Group
Former Chief, Computer Crime and Intellectual Property Section, Department of Justice (1990-1999)

Speakers

Prof. Ivan Arreguin-Toft
Harvard University

Mr. Greg Akers
Senior Vice President, Advanced Security Research and Governments/Security and Trust Organization
Cisco Systems

Mr. Brad Keywell (Invited)
Founder and CEO, Uptake Technologies
Co-Founder, Groupon

MGEN Jennifer Napper (U.S. Army, Ret.)
Group Vice President, Defense and Intelligence, Unisys Federal Systems

Ms. Dawn Meyerriecks (Invited)
Director, Science and Technology
Central Intelligence Agency

AFTERNOON KEYNOTE

4:15–5:15 p.m. | Chesapeake Salons A & B

Introduction

Lt. Gen. Ken Minihan (U.S. Army, Ret.)
Symposium Chair and Chairman, CCEI-NCM Founders Group

Keynote Address: Cybersecurity Executive Order and Key Administration Priorities

Mr. Rob Joyce
White House Cybersecurity Coordinator

CLOSING REMARKS

5:15–5:30 p.m. | Chesapeake Salons A & B

RECEPTION

5:30–6:30 p.m. | Potomac Salons 1 & 2

Attendees joined symposium speakers and organizers for a cocktail reception and the screening of a recently declassified ER97 after-action report video.