DOE Cyber Conference

Track Descriptions

Track 1 - Advancing Cybersecurity Excellence: Moving from Compliance to Risk Management
Description: This track will explore how our partners across the DOE enterprise—as well as our private sector, academic, and international partners—are innovating and identifying new tactics, tools, and capabilities to advance DOE’s IT and cybersecurity missions. Conversations will examine the latest advancements in technology, and will address developments in the management and workforce spaces. Topics will include federal cybersecurity directives, Risk Management, Risk Acceptance, updates on the High Value Asset program, insider threats, anti-phishing, data sharing, incident response capabilities, the Joint Cybersecurity Coordination Center (iJC3), Continuous Diagnostics and Mitigation (CDM), and Identity, Credential, and Access Management (ICAM). This track will also explore both the high-level concepts around risk management and governance changes, as well as the details of data calls, Authorizing Official panels, and automated data as we examine how DOE is switching from a mindset of complying with laws like FITARA and FISMA to a mindset of using those requirements as tools to advance our risk management strategy.

Potential Topics: Cyber Workforce Development and training; Public-Private Partnerships; Virtual Desktop Infrastructure, CDM, High Value Assets (HVA), Internet of Things, Operational Technology, Cyber-Physical Security, Unclassified Security Operations Center, Risk Management, Supply Chain, Identity, Credential, and Access Management (ICAM), cybersecurity, cyber threats, and incident response capabilities.

Track 2 - Upgrading DOE: Cyber Innovation, Digital Transformation, and Modernizing Government Technology
Description: This track will focus on how the latest technological advancements affect government networks and systems. Discussions will include how the federal government can take advantage of ongoing R&D efforts and already-deployed innovations to keep pace with rapid changes in the cybersecurity and IT landscape, even while operating on lean budgets. Participants will explore how we can establish the National Laboratories as centers of excellence, and will learn more about how IT Modernization, Technology Business Management (TBM), and the Modernizing Government Technology Act will impact modernization efforts across Federal interagency partners. This will also be an opportunity to take a big-picture look at all 7 of the Digital Transformation Work Streams to identify what’s working well, what can be improved, and what new opportunities might exist on the horizon—including by collaborating with our private sector, academic, and international partners.

Potential Topics: Public-Private Partnerships, Innovation; Cyber Posture, CDM (Continuous Diagnostics and Mitigation), MGT (Modernizing Government Technology), NDAA (National Defense Authorization Act), Modernization, technology, Artificial Intelligence, Machine Learning, Network Security Modernization, Enterprise Architecture, interoperability standards, digital transformation, and Cybersecurity Infrastructure.

Track 3 - Advancing IT/Cyber Policy, Transformation, and Privacy with Customer Service
Description: This track will explore the development and implementation of a new focus on customer service throughout the DOE Enterprise mission space, including by examining key lessons learned from across all Departmental elements—as well as from our private sector, academic, and international partners. Information and cyber professionals at every level need to understand customer service, because successful security starts with helping end users do their work more securely and also more efficiently. Incident response and prevention efforts like anti-phishing training will remain central to our efforts, but new cybersecurity tools, controls, and processes must be developed to encourage and make it easier for users to do the right thing in the first place—all while giving careful consideration at each turn to building in robust privacy and records management practices. At DOE, we have a diverse set of customers to serve, each with unique missions and risks—from national security-focused labs to open science facilities.
Building an interdisciplinary, sophisticated cybersecurity program to serve that customer base requires a diverse, talented workforce from a range of different educational backgrounds and perspectives who understand and have practical experience with policy development, policy implementation, acquisitions, contracts, operations, HR, securing supply chains, and inter- and intra-agency coordination.

Potential Topics: Customer Service, Cybersecurity, IT/Cyber budget formulation, IT Modernization, FITARA, Supply Chain, Acquisitions, Contracts, cyber workforce, Diversity, Privacy programs, effective privacy incident response, recent developments in the expectations to reduce the collection and use of Social Security numbers, Records Management, and Capstone.

Track 4 - Operational Technology, Artificial Intelligence, and the Internet of Things
Description: This track will highlight the deep and broad institutional knowledge across the DOE enterprise on topics related to operational technology and artificial intelligence, which are directly applicable to up-to-the minute conversations about the Internet of Things and the vast expansion of the global cyber threat surface. Because of their diverse and unique environments and missions, DOE’s National Laboratories have been developing and deploying ubiquitous sensors, industrial controls, and other operational technology for many years. Labs are also currently using cloud instances, including software-defined networking, that need to be both functional and secure. As such, the enterprise is in a unique position to take the lead in adapting to the new cyber realities of a world in which each new innovative product becomes an entry point for malicious actors to access networks. This track will explore new opportunities, risks, and challenges surrounding the application of everything from machine learning and artificial intelligence to operational technology.

Potential Topics: National Labs, Internet of Things, Operational Technology, Cyber-Physical Security, Artificial Intelligence, Ubiquitous Sensors, Industrial Controls, Cloud Computing, Software-Defined Networking, Cloud Security, Cloud migration, TIC 3.0 (TIC overlay to FedRamp), Collaboration Services, Enterprise Directory Services, Enterprise Data Center Strategy, Enterprise Email Single O365 tenant, Enterprise Transport – ESnet w/ Federal overlay, Enterprise Mobility, Enterprise Cloud Email, Data Center Migration, and Client Modernization.