Join Us At

CISQ's 10th Annual Cyber Resilience Summit

For the 10th Annual Cyber Resilience Summit, we will return to the Army Navy Club with a program of senior government and industry speakers and panelists focusing on cybersecurity, modernization, and flow measures for continuous delivery environments. Designed to brief Federal and State IT leaders and policymakers on standards for measuring risk and quality in software, the Summit focuses on:

Standards and best practices for measuring risk and quality in IT-intensive programs from productivity, software assurance, overall quality, and system/mission risk.
Discussions highlight proven methods and tools for incorporating standard quality metrics into the IT software development, sustainment, and acquisition processes.

EVENT DETAILS

DATE: October 20, 2022 from 8:30am – 3:45pm
VENUE: Army Navy Country Club, 1700 Army Navy Drive, Arlington, VA. (Parking is complimentary).
REGISTRATION: The registration fee is $250.00 and includes lunch and refreshments. Government employees, not-for-profit organizations, and universities may receive a complimentary pass by applying the code CISQG22 at registration.
CONTACT: info@it-cisq.org

Topics covered at CISQ's 10th Annual Cyber Resilience Summit

The latest developments in cybersecurity process and technology

Lessons learned from modernization projects

Recent advances in CISQ/OMG and ISO software measurement standards

How to void pitfalls in software measurement programs

Best practices in software quality assurance

The Cyber Resilience Summit first started in 2013 and has grown into a sellout annual summit. Previous summits have been held across the globe. View previous CRS agenda's and presentations.

Keynote speakers and panelists are public and private IT executives and senior technical experts

Executive Director, CISQ

Dr. Bill Curtis

Bio

Executive Director for MITRE's Center for Data-Driven Policy

David Powner

Bio

Chief Executive Officer at Software Improvement Group

Luc Brandts

Bio

Senior Principal Engineer, MITRE

Robert Martin

Bio

Deputy Chief of the Computer Security Division in the Information Technology Laboratory, NIST

Jon Boyens

Bio

Chair of CycloneDX Core Working Group, OWASP

Steve Springett

Bio

Executive Director, SAFECode

Steve Lipner

Bio

Managing Director/CIO, Interoperability Clearinghouse (ICH) Co-Founder/Chief Executive Officer, IT Acquisition Advisory Council (IT-AAC)

John Weiler

Bio

VP, Business Performance, TIA QuEST Forum

Mike Regan

Bio

Principal Consultant, Agile Big Picture

Richard Knaster

Bio

Advisor, CISQ

Joe Jarzombek

Senior Advisor and Strategist at the Cybersecurity and Infrastructure Security Agency

Dr. Allan Friedman

Director, Cyber-SCRM Programs, Synopsys

Donald R Davidson Jr.

Summit Agenda

Time	Session
8:30 - 9:00	Welcome Hosts: Dr. Bill Curtis, Executive Director, CISQ; David Powner, Executive Director, Center for Data-Driven Policy, MITRE
9:00 - 9:45	Keynote Speaker Presentation
9:45 - 10:30	Adoption & the Use of Software Bill of Materials (SBOM) Panel Leaders of software efforts in industry will discuss the challenges the movement to SBOMs for all software will enable and how to leverage the opportunities it can bring. This panel will discuss: What can you do with a full SBOM? What is a full SBOM? How do you get the SBOM you need? How to protect SBOMs and when is that needed? Why will SBOMs change your organization's enterprise management tools? Moderator: David Powner, Executive Director, Center for Data-Driven Policy, MITRE Panel: Steve Springett, Chair of CycloneDX Core Working Group, OWASP; Dr. Allan Friedman, Senior Advisor and Strategist at the Cybersecurity and Infrastructure Security Agency ; Tim Mackey, Principal Security Strategist, Synopsys
10:30 - 10:45	Program Break
10:45 - 11: 30	Software Supply Chain Risk Management Moderator: Joe Jarzombek, CISQ Advisor Panel: Luc Brandts, CEO, Software Improvement Group; Steve Lipner, Executive Director, SAFECode; John A. Weiler Managing Director/CIO, Interoperability Clearinghouse (ICH) Co-Founder/Chief Executive Officer, IT Acquisition Advisory Council (IT-AAC); Jon Boyens, Deputy Chief of the Computer Security Division in the Information Technology Laboratory, NIST
11:30 - 12:30	Lunch Keynote
12:30 - 1:15	Supply Chain Security System of Trust The trust and trustworthiness of supply chains is at the center of many of today's global security challenges. This presentation explores the details of System of Trust, a community effort to develop and validate a process for integrating evidence of the organizational, technical, and transactional trustworthiness of supply chain elements for decision makers dealing with supply chain security. Speaker: Bob Martin, Sr. Software and Supply Chain Assurance Principal Eng., MITRE
1:15 - 2:00	Trustworthy Supply Chains Leaders from industry will discuss the challenges and opportunities in addressing the need for more than trustworthy software, the hardware and services, also need to be trustworthy as they are carried through our supply chains. How can we address supply chain assurance needs? What are key factors to consider in gaining assurance about trustworthiness of supplies and services? What standards and practices can be put into contracts to address supply chain risks to trustworthiness? Moderator: Bob Martin, Sr. Software and Supply Chain Assurance Principal Eng., MITRE Panel: Dr.-Ing. Dietmar Rosenthal, TUV Nord Group; Mike Regan, VP, Business Performance, TIA QuEST Forum; Donald Davidson, Director, Cyber-SCRM Programs, Synopsys Invitations pending!
2:00 - 2:15	Program Break
2:15 - 3:00	Lessons Learned in Modernization Projects Senior IT leaders will discuss what works and fails in modernization efforts. What range of activities are included in modernization? What are key factors that lead to successful modernizations? What factors predict that a modernization project is going off the rails? What should have been done differently even if the project was successful? Moderator: Dr. Bill Curtis, Executive Director, CISQ Invitations pending!
3:00 - 3:45	Measures for Improving Modern Software Environments Measurement experts will discuss the strengths and weaknesses of applying flow measures from lean environments such as cycle time, throughput, and efficiency for evaluating and improving iterative and continuous software environments, especially those implementing a version of DevOps. What are the challenges in applying flow measures to iterative and continuous delivery environments? How can defect measures (containment, escapes, life spans, MTTR, etc,) be integrated with flow measures? Are DORA measures enough, and if not what else is needed? How should flow measures be integrated into and derived from DevOps tool chains? What is the best way to analyze and interpret flow measures? Moderator: Dr. Bill Curtis, Executive Director, CISQ Speakers: Richard Knaster, Principal Consultant, Agile Big Picture; Paul Janusz, Senior Software Quality Engineer, US Army Development Command
3:45	Closing Hosts: Dr. Bill Curtis, Executive Director, CISQ; David Powner, Executive Director, Center for Data-Driven Policy, MITRE

Registration

Founders & Sponsors

Partners

Become a Sponsor

The Consortium for Information & Software Quality™ (CISQ™), managed by OMG®, offers this event sponsorship opportunity which includes these benefits and branding as a sponsor of the CISQ 10th Annual Cyber Resilience Summit.

Learn More

$5,000 Event Sponsorship Includes:

5 conference registrations
Your company featured on the event website & registration as the event sponsor
Company logo on the event program guide
5-minute welcome remarks at lunch ahead of keynote speaker
Breakfast sponsor (1)
Lunch sponsor (1)
Company logo placement during presentation & event
A brochure, flyer, or similar piece of literature distributed to attendees