August 14, 2007
Information Sharing: Strategies that Enable Security Across Government Operations
Dr. Ron Ross
Senior Computer Scientist, NIST
Dr. Ron Ross is a senior computer scientist and information security researcher at the National Institute of Standards and Technology (NIST). His areas of specialization include security requirements definition, security testing and evaluation, and information assurance. Dr. Ross currently leads the Federal Information Security Management Act (FISMA) Implementation Project for NIST, which includes the development of key security standards and guidelines for the federal government, contractors supporting the federal government, and the United States critical information infrastructure. His recent publications include Federal Information Processing Standards (FIPS) Publication 199 (the security categorization standard), FIPS Publication 200 (the minimum security requirements standard), NIST Special Publication 800-53 (the security controls guideline), NIST Special Publication 800-53A (the security assessment guideline), and NIST Special Publication 800-37 (the system certification and accreditation guideline). Dr. Ross is also the principal architect of the NIST Risk Management Framework that integrates the suite of FISMA security standards and guidelines into a comprehensive enterprise-wide information security program.
Dr. Ross is a frequent speaker at public and private sector venues including federal agencies, state and local governments, and Fortune 500 companies. In addition to his responsibilities at NIST, Dr. Ross supports the U.S. State Department in the international outreach program for information security and critical infrastructure protection. Dr. Ross previously served as the Director of the National Information Assurance Partnership, a joint activity of NIST and the National Security Agency. A graduate of the United States Military Academy at West Point, Dr. Ross served in a variety of leadership and technical positions during his twenty-year career in the United States Army. While assigned to the National Security Agency, he received the Scientific Achievement Award for his work on an inter-agency national security project and was awarded the Defense Superior Service Medal upon his departure from the agency. Dr. Ross is a two-time recipient of the Federal 100 award for his leadership and technical contributions to critical information security projects affecting the federal government. During his military career, Dr. Ross served as a White House aide and as a senior technical advisor to the Department of the Army. Dr. Ross is a graduate of the Program Management School at the Defense Systems Management College and holds both Masters and Ph.D. degrees in Computer Science from the United States Naval Postgraduate School.
Mark Kagan
Research Manager, IDC Government Insights
As Research Manager, Mark is responsible for the development of innovative research in government acquisition and risk management. He has extensive experience in government sector procurement, risk management, innovative service-level agreements, performance-based and outcome-based contracting, performance awards/penalties, and program management implementation. Mark's research at Government Insights covers all government agencies and vendors who serve them, with special emphasis on defense, intelligence, security (cyber and physical), and homeland security. He also focuses on how 'cultural' factors facilitate or hinder change, the adoption of new technologies and processes, and subsequent impact on risk analysis and risk management.
Prior to joining Government Insights, Mark was a Principal Consultant at Federal Sources, Inc., where he assisted clients in understanding government budgetary and technology priorities, trends, challenges, and market sizing. While covering the entire range of government and contractor activities, he focused particularly on defense, intelligence, and security issues. He has also worked as a Military Analyst and Editor at the Washington, D.C. office of Jane's Information Group, where he specialized in covering technologies and markets in the areas of ordnance, military vehicles, engineering equipment, small arms, and nuclear, biological and chemical (NBC) warfare. Previously he worked at the International Strategic Studies Association, where he wrote articles and special studies for its publications and databases on defense, foreign affairs, terrorism, and the Middle East.
Mark's journalism background includes tenures as Business Editor at Signal magazine, published by the Armed Forces Communications and Electronics Association (AFCEA); Managing Editor at Kerrigan Media International (KMI), which publishes Military Information Technology, Military Training Technology, and Military Medical Technology magazines; and Senior Staff Editor for the Washington News Bureau, which specialized in coverage and analysis of the information technology and telecommunications industries and markets. His articles have also appeared in such publications as Defense News, Christian Science Monitor, Newsday, Defense & Foreign Affairs Daily, MidEast Markets, and National Security Quarterly.
Mark began his professional career as an Intelligence Analyst at the National Security Agency (NSA), where he also taught courses on the Middle East and Arabic at the NSA National Cryptologic School. He subsequently worked at the Defense Intelligence Agency (DIA) as a Military Economist, where he tracked international arms transfers and military technologies.
Mark, who speaks Arabic and Hebrew, holds a B.A. in Political Science from the State University of New York (SUNY) at Stony Brook, and an M.A. in International Affairs and Middle East studies from Columbia University, New York. He also studied at Alexandria University in Egypt, and at Haifa University and Hebrew University in Israel.
Steven Jarosz
Senior Systems Engineer
Sun Microsystems
Steven Jarosz is a Systems Engineer with Sun Microsystems and has helped customers become successful by starting them down the correct paths pertaining to the complex natures of Identity Management. Sun Microsystems is considered a leader in the topic of Identity Management and Steven provides insight and clarity into the breadth of its software portfolio.
Steven holds over 15 years of software and systems design experience. He worked as a developer for several system integrators when the Internet was young, helping build solutions that fueled the dotcom boom. He later worked for Internet greats including Netscape and America Online. It was here that knowledge and experience of massive scale and security enriched solutions were matured.
Now at Sun Microsystems, and with the experience of identity systems that house populations of countries not just companies, Steven can provide his customers with valuable information and experience on how to become successful in ventures such as getting their identity house in order, proving compliance or building new SOA and identity aware infrastructures. That, in turn, helps customers quickly and securely provide next generation services and offerings for our networked world.
Jim Jessup
Regional Manager, Federal Information Risk Management Specialist Team
Symantec
Jim Jessup leads Symantec’s Federal Information Risk Management sales team. Jim joined Symantec in July of 2006. Prior to Symantec, Mr. Jessup spent 11 years at Sun Microsystems where he led Sun’s Civilian agency business unit. In this role Jim was responsible for enterprise sales including enterprise security solutions focusing on federated identity management.
As the leader of Symantec’s Federal Information Risk Management sales team, Jim is responsible for leadership and overall sales performance, competency and readiness for a team of sales specialists and systems engineers. The IT Risk Management solution portfolio includes products and services that enable organizations to effectively and efficiently manage IT risk as it relates to network access control, compliance and messaging management – including archiving and discovery of critical data.
Jim holds a BS in Electrical Engineering Technology from the SUNY College of Technology. Jim also holds several specialized certifications in computer system architecture, application design and management excellence
Adelle McIlroy
Senior Manager, Cyber Security and Enterprise Software
GTSI
Ms. McIlroy brings a 15-year career in the information technology sector, with experience comprised of hands-on technical, management, and consulting experience in both services organizations and financial services.
Ms. McIlroy has broad experience in the management of large services projects and programs. Her recent accomplishments include management of a 20-person team focused on conducting network and web application penetration testing and associated activities for a Fortune 500 clientele. In addition, Ms. McIlroy has significant experience as an information systems security auditor, both for consulting clients and for several national banks.
Ms. McIlroy was the managing director of the Global Ethical Hacking Center of Excellence for International Network Services. In that role, she was responsible for the management of a revenue consulting organization, reporting directly to the chief technology officer. The clientele for the Center included many Fortune 100 and Fortune 500 clients, and a roster of international clients in the United States, Europe, and Asia. The staff of the Center included consultants, managers and sales representatives based in London, Amsterdam, Singapore, New York, Washington, DC, and a variety of other locations in the United States. The role included full P&L accountability.
Subject Matter Expertise:
Ms. McIlroy has presented at a variety of technical conferences on Information Security and Disaster Recovery topics, including conferences hosted by Cisco Systems, Inc., the SANS Institute, and others.
Certifications:
- Certified Business Continuity Planner, 2003.
- Certified Information Systems Security Professional, 1999.
- Certified Information Systems Auditor, 1996.
Education:
- B.S., Mathematics & Physics, University of Miami, 1989.
Published Articles:
Ms. McIlroy has been published in a variety of technical journals and books, including publications from the Disaster Recovery Institute and SANS Institute, and has been quoted on information security topics by the Washington Post and Village Voice.
Mohamed Elrefai
Vice President, Enterprise Solutions Group, GTSI
Mohamed Elrefai is vice president of the GTSI Enterprise Solutions Group (ESG), which is responsible for working across the company to develop and support five chosen solution areas: Mobile Evidence Capture, Unified Communications, Network Security, Server Consolidation, and Storage Consolidation. He leads the four teams that comprise the ESG - Network Security, Mobility and Physical Security, Enterprise Software, and Enterprise Computing. These teams will develop the solutions capabilities, pairing the right engineering with the best partners to support them.
Mr. Elrefai brings over 15 years of managerial experience in sales and information technology areas. For the last four years, he led the Networking and Communications Technology team at GTSI where he grew and strengthened the GTSI strategic partnership with Cisco, brought a number of talented professionals to GTSI, and increased revenue.
He began his career at Anixter, Inc., and held a number of positions of ascending responsibility in engineering, sales, and management culminating as vice president, federal network integration. From Anixter, he joined Learning Tree International and served as vice president of corporate sales.
Mr. Elrefai holds an MS in Information Systems from American University and a BS in Electrical Engineering from Virginia Polytechnic Institute and State University in Blacksburg.
