U.S. superiority in network-centric warfighting may be in jeopardy. Join the discussion.

Network-centric Warfare has become the de facto standard for many nations, not just the U.S. Unfortunately, thanks to the exponential growth of global networks and the accompanying security vulnerabilities which seem to be infinite in number, the balance of power is no longer what it used to be and the U.S. cannot be assured of superiority in cyberspace.

Therefore, I think it's time that we had an indepth discussion on exactly how the InfoSec community can play a part in improving U.S. capabilities in Network-centric warfighting and/or U.S. covert actions rather than leaving such discussions solely to the classified world or one dominated by the Defense Industrial Base companies. As a result, I've invited 24 distinguished authorities from the DOD and the infosec world to come to San Diego and spend two days engaging in a discussion that will include the following topics, among others:

• "Operational Anonymity & Misattribution: Why you need it, how they track you, how to do it, how it fails, and best practices" - Lance Cottrell
• "Developing Offensive Cyber Tools, Techniques, and Procedures for Defending Corporate and Government Networks" - George Kurtz, Greg Hoglund, Jim Butterworth
• "Is there a place on Special Operations teams for Cyber or Information Warfare specialists?" - Thomas Dzieran, Rob DuBois, Jim Butterworth
• "Vulnerability Disclosure and ‘Cyberwar’: The Cost of Offensive Cyber Weapons" - Ryan Ellis
• Q&A with Kenneth Geers, Ph.D., Technical expert for the Tallinn Manual on the International Law applicable to Cyber Warfare
• "The Georgian Government’s cyber operation against internal political opponents" - Paul Joyal
• "The importance of international collaboration in identifying and interdicting non-state hacker groups" - Sanjay Virmani, Kenneth Geers, Michael Jaeger, Christopher Burgess
• "Projecting Geopolitically Relevant Cyber Hot-Spots" - Ali-Reza Anghaie
• "Threat Intelligence for the Enterprise on a Shoe-string Budget" - Shane MacDougall
• "Can big data and small incident response teams scale down to small and medium-sized businesses?" Steven Cobb
• "Advanced Technologies for Detecting the Insider Threat" - John Sipple
• "The State of National Cyber Intelligence" - Troy Townsend and Jay McAllister
• "All-Source Intelligence Shapes the Future of Security Operations Actions" - (to be announced)

I want to stress that while Suits and Spooks is a conference, it's not like any conference that you've attended before. We actually do have discussions because the speaker to attendee ratio is an unheard-of 1:4 or less. If you don't believe me, check out our testimonials page or ask anyone who's been to our past events.

Here's who you'll get to meet if you attend SNS La Jolla:

• Ali-Reza Anghaie: contract Security Engineer and Senior Analyst with Wikistrat
• David Burcham: President and CEO, VendorX
• Christopher Burgess: Sr. Security Consultant with Fortune 50 experience; retired national intelligence executive CIA
• Stephen Cobb: Security evangelist, ESET North America
• Chris Coleman: Vice President, LookingGlass Cyber Solutions
• Lance Cottrell: Founder / Chief Scientist of Anonymizer Inc., Chief Scientist of Ntrepid Corp.
• Robert DuBois: retired U.S. Navy SEAL, an international authority on Smart Power and the author of "Powerful Peace: A Navy SEAL's lessons on peace from a lifetime at war"
• Thomas Dzieran: retired U.S. Navy SEAL and software engineer
• Kenneth Geers, Ph.D.: U.S. Naval Criminal Investigative Service (NCIS) Cyber Subject Matter Expert
• Will Gragido: Senior Manager, RSA FirstWatch Threat Research
• Greg Hogland: Independent expert in offensive cyber strategies and tactics; former Vice President at Mantech and founder/CEO of HB Gary.
• Michael J. Jaeger (CAPT, USN): An active duty officer with the U.S. Navy Judge Advocate General's Corps
• Paul Joyal: Managing Director, NSI; Public Safety and Homeland Security Sector
• George Kurtz: Co-founder, President and CEO of Crowdstrike
• Rafal Los: Principal, Strategic Security Services, HP ESS
• Shane MacDougall: Co-founder Tactical Intelligence
• Jay McAllister: Senior Analyst, Software Engineering Institute, Carnegie Mellon University; formerly with NCIS
• Jeffrey McNeill, Ph.D.: Cyberspace Policy Analyst, STRATCOM
• John Pirc: Director, Security Intelligence, HP Security Research
• Billy Rios: Technical Director at Cylance, Inc.
• Andy Singer (USN RADM ret): Defense Intelligence Senior Leader; Deputy Director for Information Dominance Advocacy (OPNAV N2/N6)
• John Sipple: USN LT, AFRICOM J2 0166, IDC Region Wash DC
• Troy Townsend: Senior Analyst, Software Engineering Institute, Carnegie Mellon University; formerly with DIA and CYBERCOM
• Sanjay Virmani: Director, INTERPOL Digital Crime Centre; Supervisory Special Agent, FBI

Please help spread the word about this exciting and important event and join us in beautiful La Jolla on June 15-16. Register today.

Add to Cart View detail

Spontaneous Analysis of Unstructured Speech for Idea Development using Palantir

Sample Palantir Analysis: http://taia.co/rqGYrr

My goal for each Suits and Spooks anti-conference is to tackle a hard challenge with a unique approach. In this case, we're going to use Palantir to navigate and intuite patterns in unstructured human speech instead of unstructured data to find hidden connections and spark creative solutions.

Palantir was created to perform information analysis. We used it 3 1/2 years ago for our open source intelligence experiment called Project Grey Goose. In February, 2012 we're going to reinvent its use by moving from finding "fragments of data which tell a larger story" to finding fragments of ideas presented by speakers and commented upon by attendees. I'm particularly excited about the input from attendees because unlike the standard conference where attendees have to que up before one or two microphones, at SnS every attendee will have a microphone at their seat and will be able to challenge speakers during their 30 minute presentations. Additionally, attendees will be able to send text messages to the Palantir engineer for ingestion into the application. Twitter will be a third source of input by ingesting everything tweeted to @suitsandspooks on the day of the event. We will not only be capturing the remarkable information provided by our speakers but the ideas and feedback that it inspires on the part of our attendees.

Finally, all of those inputs will be linked and analyzed in real time by projecting the Palantir workspace onto a screen behind the speaker podium which will multiply the effect of idea generation as new linkages and conceptual ideas are displayed, added to, spoken about, analyzed and re-displayed repeatedly throughout the day. After the event is over, we'll publish a report containing our findings along with screen shots of the Palantir workspace that will portray how the analysis was done.

10 Days Left For The Early Bird Discount
Register today to be a part of this unique process and interact with the following remarkable individuals who'll be speaking:

• Ben Milne (founder of Dwolla)
• Jonathon Huston (Satellite Sentinel Project)
• John Robb (Brave New War)
• Janina Gavankar (Posterous Spaces for Actors)
• Jodee Rich (founder of PeopleBrowsr)
• Anup Ghosh (founder of Invincea)
• Daniel Geer (In-Q-Tel)
• Rand Waltzman (Darpa)
• (and more to come)

Please support this event with your attendance and with word of mouth. The topic - Shaping a Revolution in Security Affairs - is vitally important as the recent capture of a Top Secret RQ-170 Stealth Sentinel drone so dramatically illustrates. Everyone from the Director of the NSA on down knows that the present system is broken (with the exception of the RSA's of the world). This is your opportunity to be a part of discovering a more effective model. 

Add to Cart View detail

Actress, Banker, Soldier, Spy: Announcing Suits and Spooks II

I'm pleased and excited to announce an open registration policy for our next Suits and Spooks conference scheduled for February 8th, 2012. It'll be held at the beautiful Waterview Conference Center in Rosslyn, VA and registration will be limited to no more than 100 persons. Breakfast, lunch and a cocktail reception afterwards is included.

The Challenge: Shaping a Revolution in Security Affairs.
The complexity of today's computing environment has surpassed anything that the world has seen before. The amount of data generated globally is 72 Gigabytes per person on earth according to a 2011 EMC report. Past models for securing that data have had marginal to zero effectiveness. The U.S. government has produced multiple cybersecurity initiatives over the years which lay out many hard challenges along with recommendations for R&D. Suits and Spooks II will explore new thinking on how to re-shape an information security framework based upon the revolutionary work of individuals across a wide swath of disciplines including medicine, finance, entertainment, and technology. This transdisiplinary approach will include a visual scribe and real-time link analysis projected onto a split-screen behind the speakers. At the end of the day, we'll produce a report on our findings and distribute to the relevant agencies.

This second event is going to be different from our first Suits and Spooks conference in two very important way:

1. Open Admission. The first event was by invitation only because we were creating offensive and defensive strategies using social media as an attack platform. For obvious reasons, we felt it necessary to control admission. This event is focused on problem-solving using a multi-disciplinary approach (also known as Transdisplinarity) hence an invitation-only event would be too limiting. If you have an idea about how to build a better security framework, we want you to attend however we can only accomodate 100 of you.
2. Audience Participation.  We call these events an anti-conference because we aren't interested in packing seats to listen to lectures, nor are we interested in introducing customers to vendors. We involve the attendees directly in accomplishing the objective of the event. In this case, we'll be performing live link analysis using a mind-mapping application (we haven't selected one yet) on a screen behind the speakers. This will be done simultaneously with the speaker's presentations. Attendees will be able to send SMS messages or use a white board to communicate their insights into how any given speaker's presentation may connect to another speaker's presentation on a different topic or to the challenge that we're addressing. An operator will transfer those insights and connections to the application and build linking diagrams in real time.

We have some great speakers lined up, and I'll be featuring several of them in follow up posts this week. For starters, there's Christopher Burgess, Daniel Geer and Janina Gavankar:

Christopher Burgess. Christopher serves as the Chief Security Officer and President Public Sector for Atigeo, LLC a compassionate technology company.  He most recently served as the senior security advisor to the CSO of Cisco where he led the Global Threat Analysis, Global Investigative Support, Government Security Office and Litigation Support teams.  Prior to joining Cisco, he served from more than 30 years as a career intelligence officer within the Central Intelligence Agency.  Christopher was awarded the Distinguished Career Intelligence Medal by the CIA in recognition of his sustained significant accomplishments in the national security arena.  He sits on a number of advisory boards, including Mayo Clinic’s Social Media advisory board, and Rune Information Security.  Burgess is also a sough after speaker and writer, providing thought leadership on the topics of intellectual property protection, security stratagem, online safety  & privacy, social media, security education and awareness, intelligence, counterintelligence, protecting against corporate/industrial espionage and global geopolitical/economic affairs.  Additionally, he is the co-author of “Secrets Stolen, Fortunes Lost:  Preventing Intellectual Property Theft and Economic Espionage in the 21stCentury”.

Daniel E. Geer, Sc.D. Dr. Geer has 10 years in clinical and research medical computing followed by five years running MIT's Project Athena, the first distributed computing emplacement.  After a series of entrepreneurial endeavors either as a founder or an officer of the company, he's now in government service at In-Q-Tel, the investment arm of the US intelligence community. Dr. Geer's milestones include: The X Window System and Kerberos (1988), the first information security consulting firm on Wall Street (1992), convenor of the first academic conference on electronic commerce (1995), the "Risk Management is Where the Money Is" speech that changed the focus of security (1998), the Presidency of USENIX Association (2000), the first call for the eclipse of authentication by accountability (2002), principal author of and spokesman for "Cyberinsecurity: The Cost of Monopoly" (2003), co-founder of SecurityMetrics.Org (2004), convener of MetriCon (2006-present), author of "Economics & Strategies of Data Security" (2008), and author of "Cybersecurity & National Policy" (2010).  Creator of the Index of Cyber Security (2011) and the Cyber Security Decision Market (2011).  His participation in government advisory roles include the Federal Trade Commission, the Departments of Justice and Treasury, the National Academy of Sciences, the National Science Foundation, the US Secret Service, the Department of Homeland Security, and the Commonwealth of Massachusetts.

Janina Gavankar. Janina is an actress (HBO's True Blood) and a social media developer. I invited her to speak at Suits and Spooks after reading this Forbes article about how she found an innovative way to solve a problem that she and many of her fellow actors struggled with and that existing platforms like IMDB didn't solve. She kindly agreed to take time out of her HBO shooting schedule to make the trip to DC and share details about the problem set and her innovative approach to solving it. Understanding how individuals are tackling and solving hard problems outside of the information security industry and whether we can gain insights from that to apply to InfoSec will be a key component of our February event.

More speakers will be announced this week. I can promise you that Suits and Spooks 2 will be unlike any conference that you've ever attended. We anticipate a lot of interest in attending this event so I recommend that you take advantage of the early bird discount and register today. A free signed copy of the second edition of my book (due out in January 2012) will be included for all attendees.

REGISTER TO ATTEND SUITS AND SPOOKS 2

Related Posts:

"Suits and Spooks: Why I'm inviting the IC to Palo Alto"

Add to Cart View detail

"Suits and Spooks": Why I'm Inviting The IC To Palo Alto in September

Update 7/16/11: We now have more companies interested in sponsoring this event than there are sponsor slots available. Sponsors will be accepted based upon who completes their registration requirements first. Thank you all for your support.

The Suits and Spooks Conference that I'm launching this fall in Palo Alto is the culmination of 6 years of enjoyable yet frustrating work spent studying problems and experimenting with solutions in the national security space.  Looking back, I was incredibly naive about how things worked when it came to selling any product or service to the U.S. government. The conventional wisdom for startup or young firms selling to the government is to find a Prime contractor and become a sub on one of their contracts. The downside is that your innovative R&D will get absorbed by "the Borg" who's driven not by innovation but by catering to the traditional thinking of their government program manager.

The bottom line is that the U.S. government is locked into a broken acquisition system** that more often than not delivers sub-par results that are vastly over-priced; i.e., the FBI's Sentinel program - a $450 million dollar piece of shit created by the country's largest government contractor Lockheed Martin. I told a friend of mine at the FBI that they should have gone to Palo Alto with their application specs and they would have had a better, faster version built in a matter of months by some under-grads at Stanford for a tiny fraction of the cost. We agreed on that point but unfortunately things are never that easy inside the Beltway. But it kick-started what has now become the first Suits and Spooks conference in Palo Alto on Sept 23-24.

My concept for Suits and Spooks is for it to be the equivalent of a particle accelerator, where the real-time challenges of the IC collide with the most innovative minds of Silicon Valley in one day of frank discussions, demos, and speed rounds. The result, I hope, will be fresh, unanticipated, and ground-breaking. At a minimum, two groups that desperately need to interact more often will have a new, safe venue to do so.

The Agenda

Friday, Sep 23, 2011
6:30p - 7:30p Registration, Welcome reception and cocktails
7:30p - 9:00p Dinner w/ Keynote speaker (to be announced)

Saturday, Sep 24, 2011
7:30am - 8:30am Registration and Continental Breakfast
8:30am - Opening remarks
8:45am - 9:15am Keynote speaker (to be announced)
9:15am - 10:30am IC Panel Discussion #1
10:30am - 11:30am SNA Speed Round #1
11:30am - 12:30pm Breakout sessions #1
12:30pm - 1:30pm Lunch w/ Keynote speaker (to be announced)
1:30pm - 2:45pm IC Panel Discussion #2
2:45pm - 3:45pm 2nd Speed round #2
3:45pm - 4:45pm Breakout sessions #2
4:45pm - 5:30pm Q&A and Networking

Three Components
Panel discussions (two): Each panelist is a senior employee from one of the IC agencies. I have confirmed or confirmation-pending participants from CIA, DIA, DHS, DNI, FBI, ICE, and NSA. Each panelist will speak for 10 minutes and then take questions.
Speed rounds (two): Each speed round will feature 10 startup companies that have 5 minutes to showcase their social media or social network analysis application. It doesn't have to have anything to do with infosec. In fact, we prefer that it doesn't. We're looking for innovative directions in social networking.
Breakout sessions (two): These consists of demos by our sponsors and discussions by our speakers in very small groups where frank exchanges of ideas and test-drives of applications are encouraged.

The Venue
Suits and Spooks 2011 will take place in a loft space on the top floor of the old Facebook building in Palo Alto, CA.

How You Can Participate
Become a sponsor: We have 5 2 sponsor slots priced at $7500 each. One company can acquire all 5 2 slots or 5 2 separate companies can acquire 1 slot each. Besides having a table at the conference, they'll be involved with 2 hours of breakout sessions for hands-on demos and, of course, have their name and logo affiliated with the event and all materials associated with it.
Apply for a speed round: If you're a startup, apply for a speed round slot. We have 20 17 slots open. If you're accepted, your only cost is the registration fee of $150 (50% discount off the early bird price).
Come as an attendee: We're accepting 100 attendees who aren't sponsors or participants in a speed round but who have a professional interest in social networks. The admission fee is $300 if paid before Sept 1 Aug 15th* but you need to request an invitation and be accepted first.

You can get involved by sending me an email message stating how you'd like to participate. The interest for this event, both among my government friends and my Silicon Valley friends, is very high. I'm looking forward to it and hope that you'll participate with me in making it a success.
----
* I've had to move the early bird registration deadline up due to the deposit requirements of our hotel. Please get your registrations in early so that you don't miss out.
** Vivek Kundra just confirmed the existence of this "broken acquisition system" by referring to the existence of an IT vendor cartel made up of a few large companies win contracts because of a superior understanding of the procurement process instead of superior technology. 

Add to Cart View detail