cyber security – GTS Coalition

GTSC Releases 2019 Annual Report: Fostering Collaboration to Cast a Wider Shadow on the Homeland Security Market

Kristina Tanasichuk — Sat, 25 Jan 2020 18:07:36 +0000

The Government Technology & Services Coalition, the foremost organization for government contractors in the homeland security mission space, released its 2019 Annual Report at their Annual Meeting.

GTSC’s 2019 Annual Report: Fostering Collaboration to Cast a Wider Shadow on the Homeland Security Market, catalogs the non-profits activities and progress toward a trusted community to protect the nation.

The theme: Fostering Collaboration to Cast a Wider Shadow on the Homeland Security Market highlights the effectiveness of the over 200 contracting companies that have joined together to collaborate to bring the best solutions to the homeland security market. The organization saw 25% growth among its mid-tier members, contractors with revenue between $25 million and $1 billion, and saw over one million page views at their news site, Homeland Security Today (www.HSToday.us). In addition to engaging to improve procurement for all contractors, the organization works to provide a level playing field, increase competition, and assure that smaller companies with innovative solutions have an opportunity to share with the public sector officials that need them. The organization has attracted new government partners, and sustained vibrant partnerships with its traditional supporters.

“We are extremely happy that our approach to collaboration, facts, and practical solutions has been embraced by the homeland security community. We have worked very hard to create a community of trusted relationships between the public and private sector to work together to protect our nation. We work daily to bridge the communication gap and lack of understanding between those who are accountable for the mission, and those who support them to achieve it. Our non-profit’s work, our mission, has always been to support those on the front lines, executing our nation’s laws, to keep our children, citizens, and cities safer against all threats.” said Kristina Tanasichuk, CEO & Founder, at the release.

“Our partnership with GTSC is incomparable,” said Alba M. Alemán, CEO of Citizant and GTSC’s Mid-Tier Company of the Year. “GTSC, has been paramount in developing trusted relationships between industry and agency leaders to bring forward unique perspectives, so that those agencies will be better served and able to achieve mission-critical objectives. Moreover, to be a part of such an elite network of like-minded professionals passionate about national security and core infrastructure missions, is both energizing and humbling.”

GTSC was founded in 2011 by small business CEOs in the homeland security market to find ways to improve procurement and acquisition of innovative technologies, give small businesses a voice in the federal market, and provide a trusted community for those tasked with securing the country. The organization has evolved to represent the ecosystem of the homeland security market with small, mid-tier, and large companies engaged to collaborate, mentor, and network to achieve mission. In 2017, the non-profit purchased the Homeland Security Today media platform.

“As a fairly new business having started in 2012, I have been a part of various organizations and associations. GTSC has been the ONLY one that has consistently supported businesses and government entities with a passion for both sides. I can proudly say that Potomac Management Solution’s growth and success has been directly contributed to the programs, guidance and overall structure of GTSC!” said Diane McCain, CEO of Potomac Management Solutions and GTSC’s Small Business of the Year.

GTSC and Homeland Security Today also hosts the Annual Holiday Hero Awards recognizing those on the front-lines on watch every single day to protect our country from threats to homeland security. The awards recognize private citizens and public sector officials doing exceptional work on behalf of the homeland.

The 2019 Annual Report catalogs the numerous programs, meetings, networking opportunities, charitable events, and workgroups supported by the organization and the leaders and members shaping those activities.

Click here to view the report.

Sorting out the ODNI’s World Threat Assessment

Kristina Tanasichuk — Tue, 23 Feb 2016 19:43:25 +0000

DNI James Clapper has delivered the Intelligence Community’s annual Worldwide Threat Assessment to Congress. In downbeat opening remarks, he reeled off a depressing set of numbers: 60 million people around the world are reckoned to have been displaced; central government authority has collapsed in seven countries; violent extremists are operationally active in 40 countries; and 59 countries face a significant risk of instability. Clapper called instability the “new normal.”

The threat assessment itself was as usual divided into GLOBAL and REGIONAL sections. Both displayed a high proportion of bad news to good.

IC’s View Of Global Threats

Cyber

Not surprisingly, CYBER took pole position on the list of GLOBAL threats, with new concerns relating to the Internet of Things and the deployment of Artificial Intelligence technologies. While the list of bad actors still includes Russia, China, Iran, North Korea, and terrorists generally, new vulnerabilities are anticipated from augmented reality and virtual reality systems. Referencing the Juniper Networks hack, Clapper noted that, in the cyber realm, the trend away from crude denial-of-service to sophisticated attacks designed to undermine data integrity has continued.

Terrorism

The global threat from TERRORISM has undergone a significant change over the last 12 months. According to the Assessment, Al-Qaeda has been “severely degraded.” ISIL’s emergence as the pre-eminent threat has increased concerns about both “terrorist travel” and home-grown violent extremists (HVEs) in the U.S, with other terror groups including Boko Haram and al-Shabaab discussed primarily in terms of their relation to ISIL. Finally, the Assessment notes that the difficulties experienced by host nations in relation to massive population displacements may make refugees targets for terrorist recruiters.

Weapons of Mass Destruction

The IC’s perception of the threat presented by WMD has been little modified since the 2015 Assessment, with continuing concerns about North Korea, China and Russia. The picture in Iran is more complex. While the diplomatic initiatives culminating in the State Department’s Joint Comprehensive Plan of Action (JCPOA) have provided the international community with improved oversight of the country’s nuclear program, it is still concerned with enhancing its security, prestige, and regional influence. Widespread reports about ISIL’s use of mustard gas have resulted in Iraq joining Syria as a potential site for chemical weapon deployments.

Lastly, the increasing availability of genetic technology has led to GENOME EDITING appearing on the WMD list.

Outer Space

IC’s assessment of threats in SPACE shows a substantial increase in the number of potential actors, with some 80 nations now participating. Russia and China have developed new COUNTERSPACE capabilities. Russia, which has touted its use of satellite capabilities in support of its Syrian campaign, likely considers countering the U.S. space advantage to be a critical component of warfighting.

Counterintelligence

The COUNTERINTELLIGENCE threat environment remains complex, with Russia and China still heading up a long list of potential state and non-state actors who would seek to penetrate and influence U.S. national decision making. Increasingly sophisticated IT is now the primary vehicle for their actions.

Organized Crime

IC’s assessment of the threat from ORGANIZED CRIME has shifted to place additional emphasis on drug trafficking, but human and wildlife trafficking, and the role of crime in promoting corruption are still referenced.

Human Security

In HUMAN SECURITY, atrocities, global displacement, and climate change have joined extreme weather and infectious disease as significant threats. The growing global consensus on climate change is viewed as cause for optimism, but the health threat presented by the Zika virus is taken as indicative of the potential risks of entirely new diseases arising from human encroachment into animal habitats.

IC’s View Of Regional Threats

IC takes the view that, while great power competition is increasing, the geopolitical environment continues to offer opportunities for the U.S. to co-operate with other nations. However, an international environment defined by such a mix of competition and cooperation will likely undermine existing international institutions.

In the MIDDLE EAST, SYRIA continues to dominate the agenda because of the four million refugees displaced by conflict into Turkey, Lebanon, Jordan, Iraq. IC assesses that the country’s government will be able to make gains against ISIL, but won’t be able to fundamentally alter its battlespace. Conditions in IRAQ are considered to be improving as ISIL rule falters and sectarian strife is reduced. However, the Iraqi Sunni population’s fearfulness of the Shia-dominated government in Baghdad may hinder efforts at uniting against ISIL.

IRAN presents an enduring threat despite its adoption of the JCPOA and release of 10 U.S. sailors because of its support for regional terrorism and for the Assad regime. In LIBYA, the conflict between two governments in Tripoli and Tobruk has hardened divisions within the country, and damaged the economy, leaving a power vacuum that has been exploited by terror groups. YEMEN’s conflict also remains stalemated, but all sides — plus international backers like IRAN — have expressed willingness to participate in peace talks. LEBANON continues to struggle with spillover from SYRIA. EGYPT faces persistent threats from domestic terrorists directed primarily against state security forces. TUNISIA also faces an ongoing terror threat and high unemployment, but its year-old democratic government gives some hope for the future.

TURKEY, still key to U.S. objectives in the region, is dealing with renewed concerns about the actions of its Kurdish minority, now being courted by Russia in relation to its Syria campaign. It is also dealing with a substantial refugee problem arising from the conflict in SYRIA.

In EURASIA, Russia continues to reassert its status as a great power, using its expanded role and continuing military success in Syria for leverage. Putin’s standing remains at a record high two years after the land grab he orchestrated in Ukraine, despite its negative impact on Russia’s steadily contracting economy. UKRAINE, MOLDOVA and BELARUS are seeking equilibrium with their increasingly strident neighbor. Regional tensions between GEORGIA and RUSSIA and between ARMENIA and AZERBAIJAN remain high, and it seems likely that RUSSIA will seek to increase its influence in the area because of its concerns about terrorist instability.

CHINA continues to dominate the entire context of ASIA, extending its influence on the world stage while conducting an ongoing program of ambitious economic and legal reforms. In NORTH KOREA, Kim Jong Un has strengthened his unitary power and renewed focus on the country’s military program via provocative and threatening behaviors including this year’s missile launches and underground nuclear tests. The new bloc presented by the ASEAN community of Asian nations may curtail CHINA’s ambitions, but the cohesiveness of the group is undercut by the different developmental levels of its member states. Elites run everything and corruption is normal.

In SOUTH ASIA, AFGHANISTAN remains unstable, with a deteriorating security situation that is likely to result in yet more fighting this year. ISIL’s new Khorasan branch will remain quiescent, but Taliban forces under the leadership of Mullah Akhtar Mohammad Mansur present a renewed threat. Tensions between INDIA and PAKISTAN remain at an elevated level. In PAKISTAN, Sheikh Hasina’s continuing efforts to undermine the political opposition will provide openings for terror groups like ISIL, which has already claimed responsibility for a series of attacks on foreigners.

IC no longer considers SUB SAHARAN AFRICA’s stability to be badly compromised by the Lords Resistance Army or Al-Qa‘ida in the Lands of the Islamic Maghreb (AQIM), and the threat from Ebola has for the moment abated. However, NIGERIA’s government must still faces a significant challenge from Boko Haram. Long-running political disputes continue in SUDAN and SOUTH SUDAN, and DRC, BURUNDI and CENTRAL AFRICAN REPUBLIC are all dealing tensions arising from broken democratic processes. In SOMALIA, the elected government is reliant on African Union support to exert its authority over al-Shabaab forces in regions of the country outside the capital.

In LATIN AMERICA, droughts, gang violence and political instability are all driving migration to the U.S. The Assessment notes that the exodus from CUBA to the U.S. grew by 76 per cent in 2015, driven by the slow pace of economic reform in the country and fears of a U.S. repeal of the 1966 Cuban Adjustment Act. VENEZUELA and BRAZIL both face economically-driven political instability.

The full assessment is here: http://www.dni.gov/files/documents/Unclassified_2015_ATA_SFR_-_SASC_FINAL.pdf

Kristina Tanasichuk is CEO & Founder of the Government Technology & Services Coalition, a non-profit, non-partisan organization of small and imd-sized companies working in homeland and national security. She is also the president of InfraGardNCR, a public private partnership between the private sector and the FBI to shari information to protect our nation’s critical infrastructure, and the president and founder of Women in Homeland Security.

Take the Cyber Security Survey Today

Kristina Tanasichuk — Wed, 08 Oct 2014 14:30:59 +0000

Annually, the Government Technology & Services Coalition joins forces with InfraGard of the National Capital Region to survey our members and other private sector companies to help understand the cyber security environment, threats and trends. We do this during Cyber Security Awareness month to bring attention to this critical homeland and national security issue and to constantly inform our products and services to help you identify, mitigate and prevent cyber attacks.

This cyber security survey was created to produce an estimate of cyber security incidents occurring in the private and non-profit sector, focusing heavily on companies operating in the Washington, D.C. region. The survey seeks to understand the private sector’s awareness, understanding, preparedness and gaps related to cyber security intrusions and attacks. The results will provide the basis for enhancing or initiating efforts to strengthen the information sharing and awareness to inform our public private partnerships and create meaningful programming and tools to combat the cyber threat.

Survey Scope: The survey collects data on the type and frequency of computer security incidents in which a computer was used as the means of committing a crime against the company or as a conduit through which other intrusion and/or criminal activity was perpetrated. It also collects data about the type and size of the company, cyber security practices, and computer infrastructure.

Reporting Period: The reporting period for this survey is calendar year 2013.

Survey Confidentiality: Your responses to this survey will be seen by individuals from the sponsoring entities who agree to uphold the confidentiality of your responses and use the information only for statistical/reporting purposes from which no individual company or entity will be identified.

Beating the Cyber Security Drum

Kristina Tanasichuk — Wed, 01 Oct 2014 19:36:24 +0000

Every year, the Government Technology & Services Coalition beats the drum of cyber security – particularly during October’s Cyber Security Awareness Month.

We pull out the cute little monster virus icons, we parade a series of sessions, webinars and blogs about the perils of ignoring cyber security, and try to provide some tangible steps for small firms – or really ALL firms — to implement to be responsible partners to their Federal clients.

There is still quite a bit of complacency — but the threat – to our nation and to our assets is very real. Most recently, the Senate Armed Services Committee found that Chinese government hackers have repeatedly infiltrated the computer systems of major U.S. companies including government contracting firms of all sizes – to find out about the movement of U.S. troops and military equipment.

U.S. Transportation Command, or Transcom, was aware of only two of the intrusions. Gaps in reporting requirements and a lack of information sharing left the U.S. military largely unaware of the computer compromises of its contractors.

What the Senate Armed Services Committee really found – is that cyber security, information sharing, defending our systems MATTERS NOW. And that protecting “our systems” is protecting a complex ecosystem of both public and private entities enmeshed through so many access points it is virtually impossible to untangle them all. Detecting the patterns of attack requires a complex collaboration between government and industry.

Although efforts to address cyber security are still “in process” – for contractors the writing is on the wall.

Currently – cyber security is still “voluntary.” To satisfy President Obama’s Executive Order on Improving Critical Infrastructure Cyber security – this year we saw the release of two reports that map out the future of cyber in procurement: The DOD- GSA report on Improving Cybersecurity and resilience through acquisition and the NIST’s Cyber Security Framework — a description of what should be in a cyber security program.

The “mandatory” is coming: late last year, DOD required companies handling ‘unclassified controlled technical information’ to implement security controls and report incidents within 72 hours of discovery. This is only the beginning.

Lawmakers are using the tools at their disposal to tighten up security through procurement — a provision was added to the annual National Defense Authorization Act to tighten requirements for defense contractors to report cyber attacks by known or suspected government actors.

So, everyone is – or should be — preparing. But there are still important questions like, “when are my systems ‘secure’? what happens when I am the victim of an attack? What if I’ve done all the right things?”

To find some answers, most contractors are watching the examples. USIS – a government contracting firm that performed background investigations for the government – is currently front page news. After detecting a breach, the company reported it to the Department of Homeland Security. Subsequently their contracts pertaining to background checks with both DHS and OPM were suspended.

At first blush, that sends an ominous message. However, the reality of “cyber” is that every company is vulnerable and every company from Lockheed Martin to the much smaller USIS have fallen victim to hackers, breaches, attacks of one kind or another.

What we are learning every day is that partnerships – BEFORE an attack – will make or break our success. And that “waiting” is not a strategy.

So you’re probably thinking, well that’s all well and good Kristina. What does it mean for me?

It means that if you are working with Federal clients, this is that moment when you look up from the weeds to see the trees:

FIRST: Join the FBI’s InfraGard – or have your CISO join. The public private partnership’s mission is to protect the critical infrastructure of the United States and its roots rest squarely in cyber – protecting our digital infrastructure. They provide invaluable alerts, lots of training and information to assure you are ahead of the curve and know who to call, when.

SECOND: Join an organization, network, information sharing exchange that will educate you about the cyber requirements coming down the pike. Learn what is required – and build your cyber security practices beyond that. Cyber security is a new cost of doing business with the Federal government and you need to be ahead of the curve.

THIRD: Use the free resources available to you to develop your cyber plan and educate your employees. GTSC has a slate of resources available to help small and mid-sized companies educate their employees and the FCC has developed a free cyber security planner for business. StaySafeOnline.org has the resources and information to educate your workforce are there – you just need to use them.

Kristina Tanasichuk is CEO and founder of the Government Technology & Services Coalition. She is also President and founder of Women in Homeland Security and Executive Vice President of the InfraGard National Capital Members Alliance. She has worked in homeland security and domestic infrastructure for nearly 20 years.

Mitigating the Insider Threat Through Personnel Surety Counterintelligence

Kristina Tanasichuk — Mon, 16 Jun 2014 14:19:48 +0000

The Department of Homeland Security in coordination with US Customs and Border Protection are at the forefront of preventing insider threats within its law enforcement operations. These threats take the form of overt actions because of gaps in coordination and process mistakes that lead to self-created but preventable vulnerabilities.

To assure this continued success, a Personnel Surety Counterintelligence mission must be put in place through a management and implementation functionality that will meet the following objectives:

• Assess and audit the effect of the insider threat through risk analysis threat algorithms

• Establish a collaborative information-sharing personnel surety data base system that tracks action requirements and assigns accountability on a continuous basis

• Build a personnel surety counterintelligence business process into each law enforcement mission area, both operational and technologically supported through stakeholder collaboration

• Create a culture built around a robust personnel surety plan to ensure that a need to share for operational success supersedes the need to protect information

• Identify the insider threat and vulnerabilities through a continual monitoring system of checks and balances

• Counter the inadvertent mistakes that lead to the insider threat through the deployment of technologies that drive mission success and efficiencies

Coordinating the Government’s Personnel Surety Mission

The multi-faceted challenges of working in today’s mission-critical environmental and multiple enterprise coordination formats require innovative approaches that stress stakeholder creation and participation with built-in accountability, under an umbrella set of governance parameters. This is especially true in the world of counter-intelligence / insider threat in light of the number of initiatives currently underway to protect the United States government information infrastructure. It is imperative that the following initiatives be established:

• Establishing a government-wide personnel surety process and management discipline supported by standardized and relevant technologies

• Coordinating the activities of multiple operational centers, including sharing information about malicious activity and establishing common operating standards and procedures to: track information sharing, require acknowledgement of information received, and provide reports of counter-actions taken

• Deploying technology advancements in order to counter the threats both from an IT and behavioral perspective

• Engaging the private sector, as a partner, to extend the envelope of protection beyond the government’s firewall in a manner that is clear and manageable to that sector

These initiatives are designed to break the pattern of information silos and to overlay new paradigms that will mandate sharing and accountability to protect lives and critical mission information while providing stakeholders tangible metrics for their participation.

They also address the technology aspects required to support this new paradigm by ensuring that the most appropriate tools are in place, under the most cost-effective basis.

Establishing Enterprise-Level Governance

As recent events have proven, internal barriers may well be the biggest stumbling blocks to “connecting the dots” on a threat and preventing violence.

Deployment of a CBP Enterprise Program Management Office (EPMO) is a successful methodology that will enable CBP to break through such barriers and establish an enterprise-level governance functionality that will assure the success of the insider threat mission. An insider threat EPMO will allow CBP to:

• Coordinate the Counterintelligence Mission Focus across all of the Federal Mexican Police Department

• Deploy technologies that drive mission success and efficiencies

• Establish performance metrics and measurable outcomes linked to meeting the counterintelligence insider threat mission

Successfully Deploying the EPMO

A successful Counterintelligence EPMO will require the following focus to its activities:

• Developing and documenting a clear understanding of the mission

• Establishing an executive Governance Board

• Organizing with a focus on meeting the counterintelligence mission

• Deploying operations that protect the mission from internal/external threats

• Leveraging technology to enable the counterintelligence mission

• Establishing a disciplined standards-based foundation

It is critical that CBP establish an EPMO to serve as a central program management body, one which both manages and coordinates core insider threats and counterintelligence activities. The EPMO performs much of the program management related work for individual programs as well as the organization at an enterprise level, while still valuing the individual program contributions and objectives.

Establishing and sustaining this focus for the EPMO will require that four themes be addressed: statutory and other mandatory drivers, organization and supporting processes, technology requirements, and cultural change.

1. Statutory and Other Mandatory Drivers

Any EPMO is responsive to the statutory and / or regulatory drivers that established the mission for a sponsoring agency, augmented by internal agency directives or other mandated requirements. It is critical that information on these be gathered, analyzed, and clearly understood. After this it must be coalesced into a charter statement that all stakeholders will commit to support and follow under a program organization that has been developed and accepted in a collaborative process. Specific mission performance objectives may then be developed. Successful implementation of these is a function of establishing a common operating environment that has two components: process and supporting technology.

2. Organization/Process

The processes defining the EPMO’s operating framework must promote the effectiveness, efficiencies, and collaboration necessary to successfully meet the established counterintelligence insider threat mission. Once established, these characteristics must be sustained by adopting a regular process or review through which the operational and control processes of the EPMO are assessed, revised and opportunities for improvement are incorporated. The effective EPMO deploys Key Performance Indicators (KPIs) measuring key processes, especially those that touch the counterintelligence insider threat customer.

The EPMO monitors the KPIs to identify reductions in performance, and as a result, to proactively deploy revised and improved processes. Incorporation of standards and ratings to insure ongoing performance maturity is essential in order to ensure that the stakeholders of the EPMO are receiving the best information and are participating in decision-making as appropriate.

3. Technology

Even while most EPMOs operate in a highly automated environment, the successful counterintelligence insider threat EPMO team understands the use of technology is not the answer to all problems. That team also understands that well-deployed technology remains a critical, but supporting, component to highly qualified personnel and a well-run EPMO organization.

These technologies should be “smart”, scalable, flexible, extensible, and self-monitoring. The requirements for deployment must be based on the automation of a collection of previously manual processes and should provide short-term tactical efficiencies in response time, effectiveness, and productivity. It cannot disrupt processes, unless it is part of a well-understood process improvement strategy. It must be well understood and require users and customers to be well-trained and able to quickly incorporate the technology capabilities into the responsibilities assigned to them.

4. Culture

The EPMO must be staffed by program, change, technology, and counterintelligence professionals who are directly accountable to the counterintelligence mission and to the Department’s strategic objectives. The individuals in the EPMO must have the necessary credentials, as well as managerial, consultative and functional counterintelligence experience, necessary to operate a Department level counterintelligence program office. While necessity often requires that personnel and resources are gathered from other parts of the Department, once those resources are assigned or brought into the EPMO, the mission of the EPMO takes precedence; any adherence to previous cultural and organizational barriers become of secondary priority.

The above four goals must be addressed via a specific implementation process consisting of three primary phases: Initiation, Planning, and Execution, coupled with ongoing Assessment and Update once all facets of the EPMO have been deployed. Each phase has its own input requirements and results in deliverables which are critical to day-to-day execution of the mission objectives.

The advantages of this phased approach are multiple:

• An over-arching mission definition is established, to ensure that all participating agencies are operating to the same goals and objectives

• Agency and other users are provided hands-on guidance to support them through collaborative / facilitated involvement and integration into the counter- intelligence program

• EPMO establish standards, processes and performance measures as well as measuring tools

• Agencies left with flexibility in the management of individual counter- intelligence activities while adhering to enterprise business rules

• Some impact on organization and may require changes in organization structure and / or roles and responsibilities

• Relieves agencies and program teams of much of the responsibility and details of program management-related activities

• Allows users to focus on the counterintelligence activities, resolution of technical issues, and threat adjudication under a common set of ground rules and information-sharing environments

Conclusion

The need for a successful counterintelligence program demands a direct approach to establishing coordination. Therefore, the Counterintelligence / Insider threat EPMO would provide the most robust construct for securing enterprise wide coordination and help break down the organizational silos preventing success. The EPMO will provide a personnel security program as well as counterintelligence / insider threat coordination to the entire enterprise: from the Executive level to managers, to Federal Officers, to professional staff, to security personnel, to IT personnel, and finally, to IT Security personnel down to administrative and clerical staff.

Contributing Author:

Bill Carroll is a co-founder and the President of the EnProVera Corporation, a Service Disabled Veteran Owned Small Business and Native American Owned Small Disadvantaged Business. Prior to EnProVera, he was the Managing Partner of Strikeforce Consulting. Bill has over 40 years of experience in law enforcement, in the U.S. Government, and in the Government Contracting Industry. He retired from the U.S. Government in 1998 after a distinguished career in the Immigration and Naturalization Service (INS). Bill was the Director of the INS Washington District Office and Deputy Director of the Los Angeles District Office.

Get a Data Breach Response Plan

Kristina Tanasichuk — Wed, 21 May 2014 15:35:47 +0000

As data breaches proliferate in and outside the government, companies are faced with serious ramifications if not addressed by leadership. With the DOD-GSA Cyber Resilience Rules looming, the NIST framework on the horizon and cyber security identified as the major priority for Congress and the Administration, GTSC’s Capacity Building session on data breach will focus on your company preparedness, incident response, notification and legal responsibilities when experiencing a data breach. Attendees will receive a Data Breach Response Guide and walk through hands-on procedures and considerations for your data breach policy. This is a must-attend for all small and mid-sized businesses working in the homeland and national security field.

May 22, 2014 | 8:30 am – 11:30 am
Arlington, VA

About Michael Bruemmer

Michael Bruemmer is Vice President of the Experian®Data Breach Resolution group at Experian Consumer Services, the leading provider of online consumer credit reports, credit scores, credit monitoring, other credit-related information, and protection products. With more than 25 years in the industry, Michael brings a wealth of knowledge related to business operations and development in the identity theft and fraud resolution space where he has educated businesses of all sizes and sectors through pre-breach and breach response planning and delivery, including notification, call center and identity protection services. Michael is a Certified Information Privacy Professional and Certified in Healthcare Compliance. He currently resides on the Ponemon Responsible Information Management (RIM) Board, the International Security Management Group (ISMG) Editorial Advisory Board and the International Association of Privacy Professionals (IAPP) Certification Advisory Board. >>READ More.