5th Annual IT Security Automation Conference

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

5th Annual IT Security Automation Conference

McCormick, Christopher [USA]
Hello CPE community,
 
  As many of you know, the details of the upcoming Security Automation Conference and Expo in late October 2009 are being finalized.   You may find this information helpful in the event you plan to attend.  Registration information as well as a draft agenda can be found at http://scap.nist.gov/events/
 
5th Annual IT Security Automation Conference and Expo
Date: October 26-29, 2009
Location: Baltimore Convention Center, One West Pratt Street, Baltimore, MD

Focusing on Healthcare IT, Cyber Security, Regulatory Compliance, and other Emerging Secure IT Technologies

The 5th Annual IT Security Automation Conference, hosted by the National Institute of Standards and Technology, in conjunction with the Department of Homeland Security, National Security Agency, and Defense Information Systems Agency, will focus on emerging technologies designed to support the security automation needs of multiple sectors.  This 4-day workshop, conference, and expo includes tracks on the use of security automation in support of healthcare IT, the use of security automation tools and technologies to ease the technical burdens of policy compliance, and the benefits of integrating security automation into the rapidly evolving cloud computing sector  Security automation leverages standards and specifications to reduce the complexity and time necessary to manage vulnerabilities, measure security, and ensure compliance, freeing resources to focus on other areas of the IT infrastructure.

The conference will provide public and private sector executives, security managers and staff, Information Technology (IT) professionals, and developers of products and services with a common understanding for using specific open standards and new security technologies across various domains of interest including:
- Health Information Technology (IT)/Health Insurance Portability and Accountability Act (HIPAA)
- Cloud Computing
- DoD Data Pilot/Strategy/Architecture
- Federal Information Security Management Act (FISMA)
- Federal Information Processing Standards (FIPS)
- Security Content Automation Protocol (SCAP) implementations

This conference will also provide tutorials and workshop regarding Department of Commerce, Department of Defense, and Department of Homeland Security technologies and initiatives. Sample topics include:
- Federal Desktop Core Configuration
- Emerging Standards and Specifications
- SCAP Validated Tools
- Content Validation
- Case Studies

As always, the conference will include distinguished speakers from Government, Industry, and Academia including:
- Phil Reitinger, DHS (invited)
- Tim Grance, NIST
- Tony Sager, NSA
- Ron Ross, NIST
- Richard Hale, DISA
- John Thompson, Symantec (invited)
- Microsoft
- RedHat

Highlights of this years conference include:
- New location at beautiful Baltimore Inner Harbor
- Full scale trade show
- Workshops Days 1 and 4, Conference Days 2 and 3
- Social reception the evening of Day 2
- Room blocks reserved at Hilton Baltimore

Register online now at:
http://scap.nist.gov/events

Early Registration Fee: $350 before 5 pm on October 5, 2009
Late Registration Fee: $450
Reply | Threaded
Open this post in threaded view
|

"Future of CPE" briefing at SCAP conference

Brant Cheikes

All,

 

For those who were unable to attend the “Future of CPE” session last Thursday (10/29) during the SCAP conference, I’ve attached the briefing charts that were presented.  Before the week is out I’ll circulate notes from the session.

 

/Brant

 

Brant A. Cheikes
The MITRE Corporation
202 Burlington Road, M/S K302
Bedford, MA 01730-1420
Tel. 781-271-7505; Cell. 617-694-8180; Fax. 781-271-2352

 

From: McCormick, Christopher [USA] [mailto:[hidden email]]
Sent: Friday, September 25, 2009 9:00 AM
To: cpe-discussion-list CPE Community Forum
Subject: [CPE-DISCUSSION-LIST] 5th Annual IT Security Automation Conference

 

Hello CPE community,

 

  As many of you know, the details of the upcoming Security Automation Conference and Expo in late October 2009 are being finalized.   You may find this information helpful in the event you plan to attend.  Registration information as well as a draft agenda can be found at http://scap.nist.gov/events/

 

5th Annual IT Security Automation Conference and Expo
Date: October 26-29, 2009
Location: Baltimore Convention Center, One West Pratt Street, Baltimore, MD

 […]


CPE_Future_for_SCAP_29Oct09.pptx (1M) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: "Future of CPE" briefing at SCAP conference

Brant Cheikes

In this note, following up on the message below, I’d like to highlight a few key points from last week’s “Future of CPE” meeting for the benefit of those who were unable to attend:

 

1.   Leadership of the CPE project at MITRE is transitioning from Drew Buttner to me.  Fear not, Drew will remain an engaged participant in the CPE community, but I’ll assume his responsibilities as the community Moderator and principal MITRE POC for development of the CPE standard.  Drew’s will be big shoes to fill, but I’ll do my best to bring the same high level of energy and dedication to the effort.

2.   CPE remains an open community standard.  MITRE will continue to moderate community discussion and help drive the technical direction of the standard based on community input.  We hope to increase the engagement of the CPE community over the coming year.

3.   Thanks in large part to CPE’s inclusion in SCAP, MITRE and NIST have committed to working increasingly closely to ensure the success of CPE.  “Dictionary hygiene” is a recognized concern.  There are a number of underlying reasons.  One of the ways we’re going to try to improve the situation is to streamline the content management process, moving all those duties to NIST.  We’re still working out the details, but we hope that this transition will appear seamless.

4.   We also believe that dictionary hygiene isn’t CPE’s only issue.  We are concerned that CPE does not seem to have gained “traction” comparable to its companion SCAP components.  This may be due to technical deficiencies, critical but unsupported use cases, or other factors.  My goal in the very short term is to try to get a better grasp on what exactly may be holding CPE back, then focus efforts on addressing those problems.  Expect to see another message from me on this topic in the very near future.  In the meantime, if you have a comment or opinion on this topic, please feel free to weigh in on the list.

 

While there were at least 100 people in the room last week, only a handful indicated that they were already members of this community.  That suggests that most of you were unable to attend.  It occurred to me that a number of you may have looked through the briefing charts and had unanswered questions.  If so, obviously one option is to post your question to the list.  Another option is for me to set up a live web conference in the next few weeks—to go through the material and foster some real interaction.  Interested?  If so, please send a note just to me and I’ll assess the best response.

 

I look forward to working with you all!

 

Cheers,

/Brant

 

Brant A. Cheikes
The MITRE Corporation
202 Burlington Road, M/S K302
Bedford, MA 01730-1420
Tel. 781-271-7505; Cell. 617-694-8180; Fax. 781-271-2352

 

From: Cheikes, Brant A. [mailto:[hidden email]]
Sent: Monday, November 02, 2009 1:50 PM
To: cpe-discussion-list CPE Community Forum
Subject: [CPE-DISCUSSION-LIST] "Future of CPE" briefing at SCAP conference

 

All,

 

For those who were unable to attend the “Future of CPE” session last Thursday (10/29) during the SCAP conference, I’ve attached the briefing charts that were presented.  Before the week is out I’ll circulate notes from the session.

 

/Brant

 

Brant A. Cheikes
The MITRE Corporation
202 Burlington Road, M/S K302
Bedford, MA 01730-1420
Tel. 781-271-7505; Cell. 617-694-8180; Fax. 781-271-2352

 

From: McCormick, Christopher [USA] [mailto:[hidden email]]
Sent: Friday, September 25, 2009 9:00 AM
To: cpe-discussion-list CPE Community Forum
Subject: [CPE-DISCUSSION-LIST] 5th Annual IT Security Automation Conference

 

Hello CPE community,

 

  As many of you know, the details of the upcoming Security Automation Conference and Expo in late October 2009 are being finalized.   You may find this information helpful in the event you plan to attend.  Registration information as well as a draft agenda can be found at http://scap.nist.gov/events/

 

5th Annual IT Security Automation Conference and Expo
Date: October 26-29, 2009
Location: Baltimore Convention Center, One West Pratt Street, Baltimore, MD

 […]