Cipher Summit Agenda

Cipher Summit 2023 Agenda

Tentative Agenda as of February 2023

Quantum-Resistant Security

Quantum computing is advancing rapidly and its impact is likely to be large—the potential computational power could render today’s encryption algorithms obsolete. To address this looming threat, the White House issued a National Security Memorandum on Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems (NSM 10) in this May. The NSM 10 fact sheet states that “America must start the lengthy process of updating our IT infrastructure today to protect against this quantum computing threat tomorrow.”

The memo continues by stressing that, “Central to this migration effort will be an emphasis on cryptographic agility, both to reduce the time required to transition and to allow for seamless updates for future cryptographic standards.” Keep in mind that even if a crypto-analytically relevant quantum computer is a decade away, bad actors can take note of potential vulnerabilities now, and exploit them later.

Attend this session to learn how to start the transition to quantum-safe cryptography. The speakers will discuss four key factors to consider when preparing for a quantum-safe encryption strategy:

• Quantum is coming – Learn why PKI based classic crypto will become obsolete
• Know your risks – Learn how long-term data is at risk to harvesting and subject to early attacks
• Focus on crypto agility – Learn what to look for in a quantum-resistant crypto solution
• Start today – Learn how to design a quantum resistant architecture

Data Protection at the Edge

Core computing functionality commonly found in data centers and in the cloud is also being deployed at the edge—data protection capabilities must transition with that move.

However, many challenges often stand in the way of extending core-level security to the edge. Harsh environments; bandwidth-limited and disconnected sites; overrun or hostile scenarios; and constraints related to size, weight, and power have made it difficult to employ the appropriate levels of security while allowing the kind of quick response needed at the edge.

True data protection extends to edge. Attend this sessios to learn how to apply the same level of security deployed in the core and the cloud to edge environments. Speakers will discuss topics including:

• How to contend with environmental and operational constraints at the edge
• How to extend your existing cybersecurity infrastructure to the edge
• Why supply chain security is critical at the edge

Study Hall: CipherTrust Data Security Platform

As data breaches continue at alarming rates, securing sensitive data is critical to all organizations. In addition, organizations struggle to stay compliant with evolving privacy regulations, and securing the cloud in the face of accelerated adoption brought on by the new demand to support tremendous number of remote employees. IT security organizations seek a data-centric solution that secures the data as it moves from networks to applications and the cloud.  When perimeter network controls and endpoint security measures fail, protecting data at rest is the last line of defense.

Attend this Study Hall Session to learn how CipherTrust Data Security Platform removes complexity from data security, accelerate time to compliance, and secure cloud migrations. It is built on a modern micro-services architecture, is designed for the cloud, includes Data Discovery and Classification, and fuses together the best capabilities from the Vormetric Data Security Platform and KeySecure and connector products. CipherTrust Data Security Platform unifies data discovery, classification, data protection, and unprecedented granular access controls with centralized key management – all on a single platform. This results in less resources dedicated to data security operations, ubiquitous compliance controls, and significantly reduced risk across your organization.

Topics discussed will include:

• Product overview
• New features and enhancements
• Product discussion forum

Study Hall: Hardware Security Modules

Placing a gap between the threat vectors that have access to your data and the threat vectors that have access to the cryptographic keys used to encrypt/decrypt data is a fundamental best practice.

A strong foundation for digital security means you are protected without compromising agility, usability or scalability so that you can meet the high demands of regulations and audit requirements. Ensuring your cryptographic keys and digital identities are always secure and establishing integrity, confidentiality and trust between devices, users and data is critical.

Attend this Study Hall Session to learn how Thales TCT’s Hardware Security Modules implement a strong root of trust to secure most sensitive data.

Topics discussed will include:

• Product overview
• New features and enhancements including FedRAMP High Cloud-Based HSM and tactical HSM capabilities
• Product discussion forum

Study Hall: Network Encryption

High speed networks are the critical foundation that supports many of an agency’s most vital communications and operations. However, this foundation is at risk of surveillance and attack by increasingly sophisticated cyber criminals and well-funded nation states. These network connections, if unprotected, are proving to be highly vulnerable, leaving sensitive assets exposed. Threats such as shared infrastructure exposure, man-in-the-middle attacks, and metadata exposure leave agencies susceptible to a range of devastating repercussions.

So, what is the best way to protect network traffic? Encrypt everywhere—between data centers and headquarters to backup and disaster recovery sites, whether on premises or in the cloud.

Attend this Study Hall Session to learn how Thales TCT’s Network Encryption Solutions efficiently and effectively protect their network traffic in order to safeguard it from threats.

Topics discussed will include:

• Product overview
• New features and enhancements
• Product discussion forum

Study Hall: Identity & Access Management

Offering the broadest range of multi-factor authentication methods and form factors, Thales TCT facilitates and empowers enterprise-wide security initiatives for maintaining and improving secure access to enterprise resources.

Thales TCT offers authentication solutions that address the evolution of identities. From traditional high assurance and commercial-off-the-shelf authentication solutions to first-of-a-kind hardware security module-based identity credentials, Thales TCT offers the most secure, certificate-based authentication platforms available to the U.S. Federal Government.

Attend this Study Hall Session to learn how Thales TCT’s ICAM solutions Allow you to address numerous use cases, assurance levels and threat vectors though our authentication platforms which offer uniform, centralized policy management—delivered in the cloud or on premises. Supporting software solutions include SafeNet Trusted Access (STA) and SafeNet Authentication Service, access management and authentication services, and SafeNet Authentication Client Middleware, for certificate-based authentication.  Thales partners with 3rd-party CMS vendors to offer the most comprehensive identity access and authentication management solutions.

Topics discussed will include:

• Product overview
• New features and enhancements
• Product discussion forum

Bill Becker, Chief Technology Officer, Thales TCT

Bill Becker is Thales TCT’s Chief Technology Officer (CTO). Bill is responsible for the company’s technical vision and product strategy.  As CTO, Bill leads Thales TCT’s strategic initiatives associated with the development of innovative cybersecurity solutions to meet the needs of the company’s U.S. Federal Government customers. Bill also works directly with the company’s customers and technical partners to evaluate emerging technologies.

Bill has spent nearly 30 years developing technology in support of cybersecurity and government initiatives. He has been with Thales TCT (formally SafeNet Assured Technologies) since its creation in January 2015. Previously, he spent 18 years with SafeNet, Inc. most recently serving as a Technical Architect in the CTO’s office. In this role, he supported government-related business by focusing on transitioning traditional data security products to new virtual and cloud based architectures. Bill has also held positions at Northrop Grumman where he specialized in the development of fighter jet radar systems.

Julian Fay, CTO, Senetas

Julian Fay is CTO of Senetas Corporation Limited and co-founder of Senetas’s leading high-assurance encryption technology used to protect government, defence and commercial enterprise networks in more than forty countries.

Julian’s responsibilities include product development and working with technology partners, service providers, channel partners and major customers around the world to identify their current and emerging data security needs.

With more than 25 years’ IT&T experience and his key role in Senetas’s product planning and R&D, Julian has worked closely with many of the world’s most secure organizations

Lloyd Mitchell, President, Thales TCT

Lloyd Mitchell is Thales Trusted Cyber Technologies’ (TCT) President. As President, Lloyd is focused on expanding Thales TCT’s portfolio of data security products, creating an innovative work environment, and establishing Thales TCT as a leader in the U.S. Federal market for providing high quality products and world class customer support.

Lloyd has been with Thales TCT since its inception in January 2015. Previously, Lloyd served as Thales TCT’s Vice President of Technology. In this position, Lloyd lead Thales TCT’s engineering and innovation teams in developing and enhancing new and existing cyber security solutions for the U.S. Federal market.

Lloyd has spent over 20 years with SafeNet, Inc. (Thales TCT’s predecessor) most recently serving as a Chief Architect. During his tenure with the company, he has grown a deep practical experience in data and network security through building products that secure corporate and national interest.

Bill Newhouse, Cybersecurity Engineer & Project Lead, National Cybersecurity Center of Excellence, NIST

Bill Newhouse is a cybersecurity Engineer at the National Cybersecurity Center of Excellence (NCCoE) in the Applied Cybersecurity Division in the Information Technology Laboratory at the National Institute of Standards and Technology (NIST).

His work pushes for the adoption of functional cybersecurity reference designs built from commercially available technologies in the NCCoE lab. These projects rely on establishing communities of interest with members from industry, academia, and government to gain insight and passion about the areas of cybersecurity risk that need to be addressed and result in publications known as practice guides. Mr. Newhouse has completed practices guides focused on the hospitality, retail, and Federal sectors.

In October 2020, he began a cybersecurity collaboration with the U.S. Department of Energy to research and develop cybersecurity risk management tools for the storage, transportation, and handling of energy resources within the ports of our maritime transportation system. His responsibilities also include identifying ways to include financial services sector use case scenarios in NCCoE projects/practice guides.

Mr. Newhouse held the position of deputy director for NIST’s National Initiative for Cybersecurity Education (NICE) where he promoted the use of the NICE Framework in education, training, and workforce development activities that grow the number of people who are prepared to mitigate cybersecurity risk.

Mr. Newhouse began his Federal career over 35 years ago at NSA as a cooperative education student. During his 23 years at NSA, his work shifted from telecommunication systems to information assurance. His final five years at NSA were spent in the Office of the Secretary of Defense initially with the Assistant Secretary of Defense for Research and Engineering and then with the Office of the Chief Information Officer for Identity and Information Assurance focused on cybersecurity R&D oversight and technology discovery. For over a decade, he represented OSD and then NIST at Federal cybersecurity focused R&D working groups and contributed to three different Federal cybersecurity R&D Strategic Plans.

Simon Patkovic ,VP Quantum Safe Solutions, IDQuantique

An established cybersecurity veteran, Simon Patkovic is dedicated to the ever-evolving, complex dynamics of cyber innovation and governance, and how they impact Government, Telecom, and Fortune 500 organization Leaders, Boards, and IT Executives. His previous tenures at ISARA, a Canadian leader in Post Quantum Cryptography, and Blackberry, as a Global VP of Government Solutions, as well as numerous advisory roles including in EEMA (Euopean Organization for E-Identity and Security) and NATO Industry Association, granted him deep-sector knowledge of emerging Quantum communication technologies and Edge Computing.

In addition to his executive roles in the industry, Simon was an active participant in private-public consultations with national security and intelligence agencies throughout the Middle East, Europe, and Asia, with a focus on data surveillance and lawful intercept, security regulations, and privacy issues. His post-graduate education includes Master degree in Technology Governance at Solvay Brussels School of Economics and EMBA at Harvard Business School. He is also a published author, frequent public speaker and guest in programs at Bloomberg, Milken Institute and CNBC. He currently lives with his family in rural Surrey, UK.

Evan Pelecky, Product Manager, Thales TCT

Evan Pelecky is Thales Trusted Cyber Technologies’ (TCT) Product Manager for Cryptographic Key Management. In this role, Evan is responsible for delivering innovative, trusted, and secure hardware security modules and cryptographic key management solutions for use in U.S. federal infrastructures.

Evan has been with Thales TCT (formally SafeNet Assured Technologies) since 2018, most recently filling the role of lead technical support engineer for hardware security modules. Additionally, he serves as an officer in a cyberspace operations group of the Maryland Air National Guard and is a member of the Maryland State Bar.

Dominic Perez, CISSP, CTO, Curtiss-Wright

Dominic Perez, CISSP, is the Chief Technical Officer at Curtiss-Wright. He has been with PacStar, now a part of Curtiss-Wright Defense Solutions, for 15 years. During that time, Dominic supported development of PacStar’s rugged, tactical hardware and IQ-Core® Software, serving as the subject matter expert for compute, virtualization and virtualized network functions. He is part of the PacStar team that won tactical networking equipment and software awards for numerous DoD tactical programs, including the U.S. Army T2C2, SFAB, ESB-E, PM TN Secure Wireless Small Form Factor, PEO-C3T TCNO and Marine Corps NOTM vehicle-mount and deployable communications programs.

As CTO Dominic works closely with internal engineering resources and best-of-breed partners in the networking and cybersecurity space to bring cutting edge enterprise technologies to the DoD, and ultimately the warfighter.  Current areas of pursuit are PacStar Modular Data Center product line with the goal of deploying vendor-agnostic cloud integration to the tactical edge ensuring that warfighters have up-to-date access to critical decision-making information and information technology systems in the face of disconnected, limited and intermittent (DIL) environments and PacStar’s Commercial Solutions for Classified products offering rapid and secure access to networks and data without the expense or burden of managing Type-1 encryption solutions.

Prior to joining PacStar, he used to work for Biamp, where he created automated testing infrastructure for the hardware, firmware and software powering their network distributed audio, teleconferencing and paging systems. Dominic studied mechanical engineering and computer science at Oregon State University. He currently holds multiple professional certifications from VMware in Data Center Administration; and from Cisco in Design, Security, and Routing/Switching; and EC Council and ISC2 in Security.

Gina Scinta, Deputy CTO, Thales TCT

Gina Scinta is Thales TCT’s Deputy Chief Technology Officer (CTO). In this role, Gina serves as the company’s technology evangelist. Her mission is to help Thales TCT’s U.S. Federal Government customers learn effective ways to solve their mission critical cyber security challenges. Gina also leads several strategic initiatives for the company such as the collaboration with NIST National Cybersecurity Center of Excellence, ACT-IAC, and more.

Gina has over 30 years of experience in the technology community. Prior to joining Thales TCT, Gina served as a Senior Solutions Architect with Thales Digital Identity & Security. In this role, she focused on providing solutions for protecting data using world class encryption and key management for data at rest in data centers and cloud infrastructures.