Cyberminded Scenes From Symantec's Government Symposium

For its 2009 Government Symposium on June 16, Symantec hosted about 1,000 attendees at a one-day conference at the Ronald Reagan Building and International Trade Center in Washington, D.C., where the future of cybersecurity in all its forms was on everyone's mind. Between keynotes from top government security experts, the symposium covered everything from the terror of the Conficker worm to the viability of cloud computing in the public sector.

Former Symantec CEO and current board chairman John Thompson opened the symposium, urging the government IT security community to foster collaboration between public and private entities.

Thompson's point was a common theme throughout the symposium. As he introduced the morning keynote address, Symantec CEO Enrique Salem told attendees, "If we're going to protect digital infrastructure, we must absolutely share information."

U.S. Senator Mark Warner (D-Va.) told attendees it was "stunning" to him that health care, which represents 17 percent of GDP, hadn't changed all that much from decades ago, at least from a technology perspective. He added that smart grid technology is one of many areas that will make energy "the next wave" in technology opportunities.

"If I had to pick a future area where I saw more jobs and wealth being created than any other, it's energy," he said. "America is not at the leading edge."

Warner echoed the call for public and private sector collaboration when it came to revising the government's cybersecurity policy.

"I know the challenges that exist," said Warner, a co-founder of Nextel. "There has to be a balance between public and private. I'm encouraged by a cybersecurity czar but I'm concerned he or she will get buried [in the public side]. The real value-add can be done with private sector partners."

Carahsoft, a Reston, Va.-based solution provider, was one of several government integrators in the exhibit pavilion.

"Industry, academia, private citizens and the federal government must cooperate to ensure the security of our systems," said Craig P. Abod, Carahsoft's president. "Applying the right technology and policy to make that happen will be key and Symantec is well positioned to serve in this area."

Select attendees were invited to roundtable-style discussions with state and local government representatives. A number of state governments and local municipalities were represented at the symposium, along with delegates from nearly every federal agency.

In the accompanying picture, Robert Colorina (center), a director and adviser with private equity holding company American Industrial Corp., stops for a quick chat.

A tightly packed schedule and plenty to do in both sessions and the exhibit hall left little time for meetings, but as with any trade-show-style conference, a busy day doesn't stop anyone from improvising.

Jim Jaeger, director of cybersystems for General Dynamic Advanced Information Systems, hosted a panel on enterprise assurance and shared threat situation awareness.

"One of the biggest challenges is information sharing," Jaeger said in a interview after his session. "It's become increasingly obvious that the government can't solve security problems themselves. Sharing information has become critical. We need to provide an environment where it can be shared."

Jim Russell, Symantec's vice president for public sector, takes in the scene.

Greig Fields, Hewlett-Packard's U.S. federal government director of strategic sales, hosted a panel on cloud security with representatives from Google Apps, the Department of Justice and the National Institute of Standards and Technology.

Symantec CEO Enrique Salem introduces lunchtime keynote speaker Melissa Hathaway, acting senior director for cyberspace for the National Security and Homeland Security Councils. Hathaway is in the running to be the White House's first cyberspace coordinator.

Hathaway told Symantec attendees that President Barack Obama had demonstrated an "unprecedented level" of engagement in cybersecurity initiatives by a U.S. president. She said that she and her team would release a comprehensive national incident response plan for cybersecurity by the end of 2009.

"You can expect a dialogue on this issue with the private sector," she said. "You will also see us working with Congress because many issues will require a legislative fix."

Susan Alexander, chief technology officer for information and identity assurance in the Office of the Assistant Secretary of Defense for Networks and Information Integration, described meeting cybersecurity threats as changing paradigms and making agencies more proactive.

"In the past, the Department of Defense has mostly looked at things in terms of vulnerabilities," she said. "But there's been a shift toward making our systems more secure and creating an environment that protects users. That means not only protecting them but also being able to recover quickly when bad things happen."

Speaking on a panel devoted to the Comprehensive National Cybersecurity Initiative, William Crowell (right), a security consultant and former deputy director of the National Security Agency, said creating a cybersecurity plan understood and utilized by all government agencies was one of the biggest challenges faced in the public sector. He also emphasized the role of integrators in meeting those challenges.

"Integrated solutions are very important. When identifying who and what in the network can be trusted, that idea of identifying 'what' is relatively new," he said. "It's going to be a huge financial drain on the country if we don't get it right."

At Crowell's right is Bruce McConnell, an independent cybersecurity consultant.

Red Hat was on hand with its Enterprise Linux virtualization solutions, pushing the idea of "virtualization means fiscal responsibility" to public sector customers.

Daud Santosa, chief technology officer, National Business Center at the Department of the Interior, joined panelists from Symantec, Red Hat and the Department of the Treasury to talk about security precautions for virtual computing environments.

A panel on management strategies for virtualization included (left to right) Chris Runge, director, solutions architects for Red Hat; Byron Blocker, director, IT&S Systems Integration Division, U.S. Government Printing Office; and Henry Foxwell, senior systems engineer, Sun Microsystems Federal.

Symantec representatives were on hand throughout the day to discuss cybersecurity policy issues, security software supply chain vulnerabilities, government 2.0 -- and winning a Garmin GPS if you were so inclined.

In the end, the day wasn't all sober reflections on cybersecurity -- Symantec and its vendor partners had a number of terrific raffle prizes in store, too.