Metro Atlanta ISSA Annual Conference

Nov. 11, 2009

Magnify Your Security

Metro Atlanta ISSA 2009 Information Security Conference
Keynote Speakers

Hugo Teufel, Director of US Advisory Practice
PricewaterhouseCoopers
Morning Keynote:

Hugo Teufel III joined PricewaterhouseCoopers LLP (PwC) in April 2009, as a director in PwC's US Advisory practice. Teufel, former Chief Privacy Officer for the US Department of Homeland Security, focuses on helping organizations with issues involving the privacy and security of data, cyber crime and corruption.

While serving as the Chief Privacy Officer for the Department of Homeland Security, Teufel was primarily responsible for privacy policy at the Department, reporting directly to the Secretary and Deputy Secretary. He testified regularly before various House and Senate committees and reported annually to Congress on the activities of the Department that affect privacy. Teufel was also a principal of the High Level Contact Group, a joint US/EU effort on transatlantic exchanges of data, and he regularly interacted with various European data protection authorities, parliamentarians and the European Commission.

From 2004 to 2006, Teufel served as an Associate General Counsel at the Department of Homeland Security. Previously, he served as Associate Solicitor for General Law at the US Department of the Interior.

Teufel graduated from the Washington College of Law of the American University and was the Senior Articles Editor of The Administrative Law Journal. He also holds a master's degree in national security and strategic studies from the Naval War College. He also holds Certified Information Privacy Professional/Government (CIPP/G) certification from the International Association of Privacy Professionals.

Ron Ross, Senior Computer Scientist and Information Security Researcher
National Institute of Standards and Technology
Luncheon Keynote:

Integrated Enterprise-wide Risk Management:
An Organization, Mission, and Information Systems View


Managing enterprise risk from information systems is challenging for large and small organizations alike, due to a significant increase in the sophistication and intensity of cyber attacks. To respond to these ongoing organizational threats, NIST has developed an integrated risk management approach and framework with supporting technical security standards and guidelines.

The Risk Management Framework and supporting publications help senior leaders do security due diligence in protecting their information systems and the critical mission/business processes they support. The integrated risk management approach takes a broad view from strategic risk management at the organizational and policy level to the deployment of specific safeguards and countermeasures at the information system level.

Dr. Ron Ross is a senior computer scientist and information security researcher at the National Institute of Standards and Technology (NIST). His current areas of specialization include security requirements definition, testing and evaluation, risk management, and information assurance. Dr. Ross leads the Federal Information Security Management Act (FISMA) Implementation Project for NIST, which includes the development of key security standards and guidelines for the federal government, support contractors, and the United States critical information infrastructure.

His recent publications include Federal Information Processing Standards (FIPS) Publication 199 (security categorization standard), FIPS Publication 200 (security requirements standard), NIST Special Publication 800-53 (security controls guideline), NIST Special Publication 800-53A (security assessment guideline), NIST Special Publication 800-37 (security certification and accreditation guideline), and NIST Special Publication 800-39 (risk management guideline). Dr. Ross is also the principal architect of the NIST Risk Management Framework that provides a disciplined and structured methodology for integrating the suite of FISMA security standards and guidelines into a comprehensive enterprise-wide information security program.

Dr. Ross is a frequent speaker at public and private sector venues including federal agencies, state and local governments, and Fortune 500 companies. In addition to his responsibilities at NIST, Dr. Ross supports the U.S. State Department in the international outreach program for information security and critical infrastructure protection. Dr. Ross previously served as the Director of the National Information Assurance Partnership, a joint activity of NIST and the National Security Agency. A graduate of the United States Military Academy at West Point, Dr. Ross served in a variety of leadership and technical positions during his twenty-year career in the United States Army.
