Press Release

CISQ to Host 7th Annual Cyber Resilience Summit in Arlington, VA


NEEDHAM, MA – September 17, 2019 – The Consortium for Information & Software Quality™ (CISQ™), an IT industry leadership group that develops standards for automating software quality measurement, today announced its 7th annual Cyber Resilience Summit, The Crossroads of IT Modernization and Cybersecurity.

The summit, which will be held on October 16, 2019 from 8:00am – 3:00pm at the Army Navy Country Club in Arlington, VA, will bring defense, government and industry leaders together to discuss how proven standards and methodologies can reduce risk and help meet objectives for acquiring, developing and sustaining secure and reliable software-intensive systems.

“The most damaging of system failures and security breaches are caused by vulnerabilities lurking inside the network at the application layer,” said David Norton, Executive Director, CISQ. “The first duty of government is to protect its citizens, whether in the physical or digital world, and that means we have to start by getting the basics right.”

The Cyber Resilience Summit includes keynote, panel and roundtable sessions on software engineering, supply chain risk management, acquisition, and more. In addition to welcoming remarks by David Norton, Executive Director, CISQ, confirmed speakers and panelists from Federal agencies and the private sector include:

  • Keynote Address by Robert Kolasky, Assistant Director of the National Risk Management Center, Cybersecurity and Infrastructure Security Agency (CISA), U.S. Department of Homeland Security
  • How to Query, Qualify and Quantify the Qualities of Quagmire: Dr. Barry Boehm, Chief Scientist, SERC; TRW Professor of Software Engineering and Director, Center for Software Engineering, University of Southern California
  • Scaled Agile Framework: Isaac Montgomery, Senior Consultant and SPCT, Scaled Agile, Inc.
  • Panel: Titans of Cyber: Critical Success Factors for Reducing Risk in Development and Acquisition:
    • Luke McCormack, former CIO at U.S. Department of Homeland Security (retired)
    • Margie Graves, Federal Deputy CIO, Office of Management and Budget – invited
    • Keith Nakasone, Deputy Assistant Commissioner, Acquisition Management, Office of Information Technology Category for GSA’s Federal Acquisition Service (FAS)
  • NIST 800-160, 800-53 and 800-171: Victoria Yan Pillitteri, Cybersecurity Researcher, NIST
  • Beyond the Checklist: Cyber – Past, Present and Future: Bobbie Stempfley, Director of SEI’s CERT Division
  • Keynote: Cybersecurity Maturity Model Certification: Katie Arrington, Special Assistant for Cybersecurity in the Office of the Under Secretary of Defense for Acquisition and Sustainment, U.S. Department of Defense
  • Reducing IT Risk with Suppliers by Reducing Architectural and Technical Debt: David Norton, Executive Director, CISQ
  • Regulators Roundtable:
    • Dr. Bill Curtis, Founding Executive Director, CISQ
    • Dr. Seth Carmody, Cybersecurity Program Manager, FDA
    • Timothy Noonan, Deputy Director for the Health Information Privacy Division at the HHS Office for Civil Rights
    • Maria T. Vullo, CEO, Vullo Advisory Services and former Superintendent of the New York State Department of Financial Services (DFS)
  • Closing Remarks: Tony Scott, former Federal CIO and CIO at Microsoft, VMWare, GM and Disney

The registration fee of $195.00 includes lunch and refreshments. Registration is complimentary for government employees, not-for-profit organizations and universities. Media interested in a press pass should send an email message to Sr. PR Manager Karen Quatromoni at [email protected].

About CISQ

The Consortium for Information and Software Quality™ (CISQ™) is an industry leadership group that develops international standards for automating the measurement of software size and structural quality from the source code. The standards, written by CISQ, enable organizations developing or acquiring software-intensive systems to measure the operational risk software poses to the business, as well as estimate the cost of ownership. CISQ was co-founded by the Object Management Group® (OMG®) and Software Engineering Institute (SEI) at Carnegie Mellon University. For more information, visit


+1-781-444 0404
[email protected]



Note to editors: CISQ is an Object Management Group program. Object Management Group and OMG are registered trademarks of the Object Management Group. For a listing of all OMG trademarks, visit All other trademarks are the property of their respective owners.