business continuity – GTS Coalition

Dec. 12: The National Security Supply Chain: Reducing the Vulnerabilities

Kristina Tanasichuk — Wed, 13 Nov 2013 08:30:11 +0000

Join the Government Technology & Services Coalition (GTSC) for a program featuring an overview of acquisition, technology and innovation in the intelligence community to both assure we have the most advanced protections in place to mitigate our vulnerabilities, and the most recent tools and information on how to protect intellectual property, prevent insider threats and understand supply chain considerations in the government contracting environment. Keynote Frank Montoya, Jr., National Counterintelligence Executive, Office of the Director of National Intelligence will keynote with a preview of the 2013 Economic Espionage Report (EER).

AGENDA AT A GLANCE

12:00 PM Welcome & Introductions

Kristina Tanasichuk, CEO, GTSC
Elena Kim-Mitchell, Director, Private Sector Outreach, ODNI

12:10 PM ODNI Movie

12:30 PM – 1:30 PMKeynote Luncheon:Preview of the 2013 Economic Espionage Report
Frank Montoya, Jr., Counterintelligence Executive, ONCIX

1:30 PM – 2:00 PM CERT & Insider Threat

Randy Trzeciak Senior Member of the Technical Staff, Software Engineering Institute’s (SEI), CERT Program, Carnegie Mellon University

2:00 PM – 3:00 PM Best Practices on Insider Threats & Supply Chain Security

Joan McCarroll, Director, Systems Engineering and Integration (SE&I) Center of Excellence
Kathy Mills, Corporate Security Officer/Security Director, CENTRA Technology, Inc.

3:00PM – 3:30PM Cyber Threats & Vulnerabilities to Small & Mid-Sized Companies

3:30 PM – 4:15 PM Acquisition, Technology & Innovation
Dr. David A. Honey, Ph.D., Director for Science & Technology, Assistant Deputy Director of National Intelligence for Science & Technology, ODNI

4:15PM – 5:00 PM What Can Business Do?

DHS Business Continuity tool
FBI Resources

Keynote: Dr. David A. Honey, Director for Science & Technology, Assistant Deputy Director of National Intelligence for Science & Technology, ODNI

Dr. David Honey serves as the Director for Science & Technology and Assistant Deputy Director for National Intelligence for Science & Technology for the Office of the Director of National Intelligence. Dr. David A. Honey joined the DoD’s Office of the Director, Defense Research and Engineering as the Director for Research on 31 August 2009. Dr. Honey was responsible for policy and oversight of DoD Science and Technology programs from Basic Research through Advanced Technology Development. He was also responsible for oversight of DoD laboratories, ensuring the long-term strategic direction of the Department’s S&T programs, and for developing those technologies needed for continued technological superiority of US forces. Before assuming this position Dr. Honey was the General Manager and Senior Vice President of the Defense Sector for Information Systems Laboratories (ISL), a small business pursuing science and engineering innovations in the fields of advanced sensors, communications, UAVs, adaptive signal processing, and undersea warfare technology. Dr. Honey also served on the Air Force Scientific Advisory Board. Dr. Honey was the Director of the Defense Advance Research Projects Agency (DARPA) Strategic Technology Office (STO), Director of the Advanced Technology Office (ATO), and Deputy Director and Program Manager of the Microsystems Technology Office (MTO). While at DARPA he led efforts in optoelectronics, networks, communications, information assurance, network-centric-warfare applications, information assurance, sensor systems, space and near-space sensors and structures, maritime technology, underground facility detection and characterization, alternative energy, and chemical-biological defense.

Keynote: Frank Montoya, Jr., Counterintelligence Executive, Office of the National Counterintelligence Executive (ONCIX)

Frank Montoya, Jr. began his career as an FBI special agent in May 1991 and reported to the San Antonio Field Office, where he worked violent crime and fugitive investigations. He established and led activities of the division’s fugitive task force. Montoya also worked temporarily in the Oklahoma City Field Office to assist in the Alfred P. Murrah Federal Building bombing investigation. In April 2000, Montoya was promoted and worked at FBI Headquarters. He oversaw national security investigations and operations. During this time, he assisted in the Robert Hanssen investigation. Montoya transferred to the Milwaukee Field Office in November 2002. He served as supervisor and oversaw the counterintelligence squad and several national security investigations. Montoya returned to FBI Headquarters in December 2005, was promoted to unit chief in the Counterintelligence Division, and participated in the establishment of the National Cyber Investigations Joint Task Force. He moved to the West Coast in July 2007 and worked in the San Francisco Field Office as assistant special agent in charge in the counterintelligence branch.

Joan McCarroll, Director, Systems Engineering and Integration (SE&I) Center of Excellence

In her role as SE&I COE Director, Joan is responsible for establishing and promoting TASC’s best practices and processes in SE&I, program protection and cybersecurity including insider threat analysis. In her current role, Joan identifies Leading Practices in SE and deploys them across the company resulting in innovative solutions for our customers. In the area of program protection, Joan has expertise in both external and internal threat assessment and protection. Since joining TASC in 1990, Joan has performed and led end-to-end technical efforts in support of operationally deployed systems, systems under development, and future system architecture studies. She has held senior program management positions supporting the intelligence community in secure communications and SIGINT. Joan received her BSEE from Drexel University and her MS in Systems Analysis and Management from George Washington University. She has also attended Executive education courses at Darden and Strategic Marketing at the University of Chicago.

Kathy Mills, Corporate Security Officer/Security Director, CENTRA Technology, Inc.

Kathy joined CENTRA Technology, in November 2008 as the Corporate Security Officer/Security Director. She is responsible for all aspects of CENTRA’s Security operations, including personnel security, program security, physical security, and Information security, at both CENTRA’s Arlington and Burlington locations. Kathy has over twenty years experience in security including management of day-to-day operational security, personnel management, administration, and maintaining all aspects of a security program under the National Industrial Security Program.

Randy Trzeciak Senior Member of the Technical Staff, Software Engineering Institute’s (SEI), CERT, Carnegie Mellon University

Randy Trzeciak is currently a Senior Member of the technical staff for the Software Engineering Institute’s (SEI) CERT Program. Mr. Trzeciak is a member of a team in CERT focusing on insider threat research. The studies analyze the physical and online behavior of malicious insiders prior to and during network compromises. Other insider threat research uses system dynamics modeling for risk analysis of the impacts of policy decisions, technical security measures, psychological issues, and organizational culture on insider threat. Mr. Trzeciak also is an adjunct professor in Carnegie Mellon’s H. John Heinz School of Public Policy and Management. Prior to his current role in the CERT Program, Mr. Trzeciak managed the Management Information Systems (MIS) team in the Information Technology Department at the SEI. Under his direction, the MIS team developed and supported numerous mission-critical, large-scale, relational database management systems.

What’s Your Ready Rating?

Kristina Tanasichuk — Fri, 20 Sep 2013 14:44:18 +0000

The Challenge

As a business leader, you can’t ignore the facts. Emergencies are inevitable, and as much as 40 percent of businesses never reopen following a disaster. We know the “what if?” is hard to think about and we also know the process for getting prepared can be cumbersome and complicated. Having an emergency preparedness plan in place also helps to ensure the health, welfare and peace of mind of your employees, their families and your business’s community while meeting your business needs.

The Solution

Since its inception, the Red Cross Ready Rating program (readyrating.org) has been recognized by preparedness experts as the necessary and easy solution to help businesses, organizations and schools become ready to respond to and successfully withstand a disaster and other emergencies.

Ready Rating is an easy, web-based, self-paced member program designed to help organizations of all sizes become better prepared for emergencies. Members complete a free online self-assessment of their current readiness levels and receive immediate customized feedback on each area of preparedness, including strengths and areas in need of improvement. Members then gain access to an information-rich Ready Rating program guide with tips to improve preparedness.

Learn more from Linda Mathes next week at GTSC’s National Preparedness Month program on Thursday, September 26!

Linda Mathes
CEO
American Red Cross in the National Capital Region

Visit: www.readyrating.org

Follow: @RedCrossNCR

Linda Mathes, selected as a 2008 Washingtonian of the Year, is the Chief Executive Officer of the American Red Cross in the National Capital Region which includes the District of Columbia; counties of Arlington, Fairfax, Loudoun, Montgomery, Prince George’s and Prince William; and cities of Alexandria, Fairfax, Falls Church, Manassas and Manassas Park. Linda was recently invited to the White House to help recognize Red Cross Champions of Change.

Is Your Data Disaster-Proof?

Kristina Tanasichuk — Fri, 06 Sep 2013 16:01:57 +0000

Information Week, a leading IT industry news source, estimates $26.5 billion in revenue is lost annually due to network and system interruptions. Despite the potential for depleted earnings, angry customers, tarnished reputations, and lost data, over 50% of businesses don’t have an IT disaster recovery plan.

Build a Strong Foundation

Your IT systems support your business, making it is essential to design a solid infrastructure that aligns with your business goals, secures your data, and is resilient. Here are a few simple tips that many organizations neglect.

Schedule maintenance for off-hours. Like your car, information systems need maintenance to operate consistently and at peak efficiency.
Keep software up-to-date. You don’t need to be on the cutting edge, but falling too far behind can cause you more problems and leave you vulnerable to attacks.
Define a password policy and disable old employee accounts. These two best practices are easy to overlook, but the results of negligence can be disastrous, leaving the door open for hostile hackers and disgruntled former employees.

Secure Your Digital Borders

The 2013 Data Breach Investigations Report from Verizon found 68% of attacks required very little skill on the part of attackers. This means that most networks are vulnerable to simple hacks by opportunistic individuals. With so many boxes to check and settings to configure, it’s easy to overlook minor flaws that create big security holes.

Experts can help you close the back doors that hurried employees or loose security guidelines leave open. In the end, the cost of an attack, measured in lost data or downtime, is much higher than the cost of a secure infrastructure.

Plan for Failure

Developing an IT Disaster Recovery Plan ensures your business can get back to work as quickly as possible after a service interruption, natural disaster, hardware failure, or anything cyberspace can throw at you. Make your IT DRP part of a larger, comprehensive Business Continuity Plan and you’ll be ready for anything. To start developing an IT DRP, follow these steps.

Gather stakeholders from various departments to determine which systems, software and data they must have to operate.
Assign priority levels to the most critical systems. You may want to consider generators that can provide power during storms or utilizing an off-site, secure data center.
Estimate the amount of time it will take to restore offline systems after an outage.
Test and reassess your IT DRP yearly or quarterly, depending on your business needs, to account for changes and updates to systems.

Enjoy the Benefits

You may not find your business in the path of a hurricane or tornado tomorrow, but your systems are vulnerable to attacks in ways that your physical structures and employees are not. IT DRP prepares you to deal with data failures, hacking, connectivity outages, theft, and a host of other IT-specific threats and crises.

Avoid the high cost of IT infrastructure failures by investing in a solid plan today.

Lilly Harris
CEO
MSA, Inc.

Lilly Harris is the President and CEO of Man-Machine Systems Assessment. MSA is an Economically Disadvantaged Woman-Owned Small Business with 23 years of government contracting experience. MSA is passionate about our Warfighters and the preparedness of our nation. MSA works diligently to evaluate defense systems, ensure continuity of operations and support mission critical programs that are aligned with our passion and mission.

Visit: www.msaincorp.com

Follow: @MSAincorp

When the Floodwaters Recede, Will Your Business Be Afloat?

Kristina Tanasichuk — Wed, 28 Aug 2013 16:09:26 +0000

September 2013 is National Preparedness Month. Over the next month, the GTSC blog will take a look at some emergency tips and resources to keep your business prepared to be ‘afloat’ for the inevitable.

In May, states across the US experienced major flooding and record-breaking tornadoes plowed through cities and towns. In June, wildfires devastated Arizona. In April, newspapers and news channels were consumed with the Boston bombing. In every case, local businesses were impacted – and in some cases destroyed – in the aftermath of the disaster.

With disasters—manmade and natural—on the rise worldwide, and local businesses increasingly impacted by what happens around the globe as much as what happens down the street, business continuity planning is more important than ever.

Some Businesses Won’t Survive

Local businesses are the economic backbone of their communities. When they have no plan to guide recovery efforts after a disaster, the effects of lost wages and services ripple through the entire community, and the impacts keep piling up after the crisis.

Following a major disaster, local businesses that aren’t prepared continue to suffer. According to a study by the Institute for Business & Home Safety, 25% of local businesses never reopen. For those that do, reopening quickly is essential to survival. More than 80% of businesses that take more than 10 days to resume operations will close within one month.

Some Businesses Will Thrive

Nobody would hope for a disaster to boost the local economy, but experience shows that they often do. The effect is so significant that local economies are often overrun by outside businesses seeking to get their hands on valuable contracts. Often, these companies bring in their own outside workers that have no ties to the community. If your business can weather the storm, it will help your bottom line and benefit local workers and families.

Preparation is Key

Business continuity planning can help your business weather the storm—or anything else that comes along. The basic steps are relatively easy, but many businesses never get around to thinking about them until it’s too late.

Identify key stakeholders.
Prioritize critical functions.
Plan to restore functions following a disaster. Consider the following:
- Establish orders of succession
- Develop crisis communication plans
- Design an IT disaster recovery plan
- Define organizational roles & responsibilities that will take effect during the disruption

Benefits Beyond Survival

As you develop a business continuity plan, you’ll take a closer look at your organization and its priorities. Often, stakeholders uncover ways to streamline or improve operations as a byproduct of disaster planning.

Disasters may be devastating, but planning is good for business. Get started today!

Lilly Harris
CEO
Man-Machine Systems Assessment

Visit: www.msaincorp.com

Follow: @MSAincorp