As I sit on my deck writing this blog post (while also enjoying an amazing glass of wine), I can’t help but reflect upon our inaugural NTSC National CISO Policy Conference held at the Georgia Tech Global Learning Center last week. It’s a bit surreal to think that all the months of planning and attention to detail are over—at least until we start the process of planning for our 2018 NTSC National CISO Policy Conference!
I’ll admit that the details of planning this conference offered me a unique experience. In the past, I’ve served as Committee Chair for various conferences but I wasn’t the one making all the decisions. Who do we invite? What kind of microphones do the speakers need? What do we have for lunch? Building this conference from the ground up (with the guidance of our Associate Director Kimberly Steele) was a special experience and I won’t easily forget the lessons that we learned.
The part that I think we got most right was the speaker lineup. After a special video welcome from Jim Langevin (U.S. Representative for Rhode Island and co-chair of the House Cybersecurity Caucus), Lieutenant General Kevin McLaughlin opened our conference with a broad overview of national security trends. Rami Rahim, the CEO of Juniper Networks, talked about how artificial intelligence, big data, and automation are coming together to form a unique shield against cybercrime. And Adam Isles from The Chertoff Group (and former Deputy Chief of Staff for the U.S. Department of Homeland Security) gave an overview of the cyberthreat landscape and how CISOs can better prepare their Boards for the possibility of a cyber event.
From left to right: NTSC Executive Director Patrick Gaul, NTSC Associate Director Kimberly Steele, NTSC Board Chair Tim Callahan, Juniper Networks CEO Rami Rahim, Lieutenant General Kevin McLaughlin, and NTSC President Larry Williams
We also enjoyed three wonderful panel discussions that covered the cyberthreat intelligence sharing program, cybersecurity and education, and the far-ranging implications that GDPR will have on American businesses. These panels were comprised of CISOs, senior cyber executives from the private sector and academia, and two well-respected professors (Peter Swire and Milton Mueller) from Georgia Tech.
And finally, the amazing audience. What an engaged group of folks! We hosted CISOs from across the nation. We hosted Officers from the Army Cyber Warfare School at Fort Gordon, Army Reserve Officers, and even a midshipman from the Naval Academy. Cyber students from Georgia Tech attended, and several CEOs from security companies were present. Each audience member brought a unique perspective to the conference and it was fascinating to listen to their questions, comments, and observations during the very interactive sessions.
One fundamental truth kept surfacing throughout the conference: Cyber is an integral part of our lives and no one can escape the threats it poses. However, we can recognize and acknowledge those threats by creating effective policies that mitigate the effects associated with cyberattacks. And we can continue to encourage the public sector to work with the private sector by sharing contextual threat intelligence and forming an alliance that equips and better prepares us against cyberthreats going forward.
During the conference, I was genuinely encouraged by the support the NTSC received and the many guests who urged us to continue with our mission to represent the voice of the CISO in Washington, D.C. While it’s great to celebrate a few days afterward with this nice glass of wine on my deck, I also realize that our work has just begun.
In the short-term, our immediate work continues by hosting our Policy Roundtables across the nation (including our next roundtable discussion in Cambridge, Massachusetts on November 14) and listening to the men and women in the public and private sectors who are tasked with defending our cyber interests.
In the long-term, we will continue to evolve our policy positions, expand our stellar Board of Directors to include more CISOs from around the nation, and more actively involve ourselves in the national dialogue about important cybersecurity legislation. We hope to see you at next year’s conference, and let me know if you want to play a role (or a bigger role) in the NTSC as we unite both public and private sector stakeholders around policies that improve national cybersecurity standards and awareness.