2019 National Cyber Summit

Summit Speaker Brian Ruf

Session Information

Security Automation Simplified via NIST's Open Security Controls Assessment Language (OSCAL)
Wednesday, June 5, 2019 2:15 p.m. - 3:00 p.m.
Aligning security risk management and compliance activities with the broader adoption of cloud technology and the exponential increase in the complexity of smart systems leveraging such cloud solutions, has been a challenging task to date. Additionally, the proliferation of container technology employed in cloud ecosystems for enhanced portability and security, compels organizations to leverage risk management strategies that are tightly coupled with the dynamic nature of their systems. NIST’s Open Security Controls Assessment Language (OSCAL) is a standard of standards that provides a normalized expression of security requirements across standards, and a machine-readable representation of security information from controls to system implementation and security assessment. This bridges the gap between antiquated approaches to IT compliance and innovative technology solutions.
Imagine a future where security documentation builds itself, and security management tools from different vendors integrate seamlessly. Security practitioners will spend less time on security documentation, assessments, and adjudication, yet the results of those activities will be more accurate and more easily monitored. OSCAL enables this and more.
Dr. Michaela Iorga photo
Dr. Michaela Iorga
Senior Security Technical Lead
NIST
Dr. Iorga, a recognized expert in information security, risk assessment and information assurance for cloud, fog and IoT systems, has a deep understanding of cybersecurity, identity and credential management, and cyberspace privacy issues. In her capacity at NIST, she works with industry, academia, and other government stakeholders on developing vendor-neutral security and forensics guidance and standards. Dr. Iorga is also managing several NIST efforts that include the development of the Open Security Controls Assessment Language (OSCAL), the fog computing conceptual model, the cognitive-based IoT devices fingerprinting, and the risk management for cloud-based systems.
Mr. Brian Ruf CISSP, PMP photo
Mr. Brian Ruf CISSP, PMP
FedRAMP PMO SME
FedRAMP/GSA
Brian began his 30 year IT career as a programmer and network engineer. In the late 90’s he was part of a core team applying cyber security to a (then) next generation air traffic control system. Since 2000, he has led efforts for government agencies, pharmaceutical companies, telecommunication providers, and financial institutions on topics involving the intersection of risk management, cyber security, system development lifecycle methodologies, and process re-engineering. Brian joined the FedRAMP PMO in July 2015, where he was instrumental in the success of FedRAMP Accelerated and related improvements. Brian represents FedRAMP on the OSCAL development team, and is leading efforts to automate the FedRAMP authorization process.


Meet Our NCS 2019 Speakers

Jocquette Blue Photo Jocquette Blue Senior Cybersecurity Analyst H2L Solutions
Paige Boshell Photo Paige Boshell Managing Member Privacy Counsel LLC
Wayne Burke Photo Wayne Burke Vice President and Co-Founder Cyber2 Labs, LLC
Paul Coggin Photo Paul Coggin Cyber Security Research Scientist Financial Institution
Brian Contos Photo Brian Contos CISO Verodin
Randall Cottrell Photo Randall Cottrell Chief Executive Officer Bluejireh Incorporated
Joshua Crumbaugh Photo Joshua Crumbaugh Chief Hacker/Chief Operating Officer PeopleSec® LLC
Ben Curry Photo Ben Curry Chief Architect, Managing Partner Summit 7 Systems
Robert Decicco Photo Robert Decicco MD Digital Intelligence
Byron DeLoach Photo Byron DeLoach Director of Adaptive Services Cybriant
Nicholas Downer Photo Nicholas Downer Systems Security Engineer/Instructor Millennium
Major Bradley Eames Photo Major Bradley Eames 47CTS OL-A Deputy Commander 47 Cyberspace Test Squadron
Rita Edwards Photo Rita Edwards Featured Cyber Security Instructor CyberProtex
Mr. Scott Edwards Photo Mr. Scott Edwards President Summit 7 Systems
Shawn Edwards Photo Shawn Edwards Cyber Adversarial Engineer The MITRE Corporation
Irene Garcia-Goan Photo Irene Garcia-Goan Sr. Cybersecurity Analyst H2L Solutions
Travis Green Photo Travis Green
Jonathan Hard Photo Jonathan Hard Chief Operating Office and President H2L Solutions
Matt Henson Photo Matt Henson CEO Trade Collaboration Engine
Sean Hopkins Photo Sean Hopkins Red Team Security Engineer Millennium Corporation
Dr. DJ Hovermale Photo Dr. DJ Hovermale Senior Cyber Operations Training Analyst, Principal SAIC
Dr. Michaela Iorga Photo Dr. Michaela Iorga Senior Security Technical Lead NIST
Ray Kelly Photo Ray Kelly Security Architect Micro Focus
Ben McGee Photo Ben McGee CyberProtex Featured Cyber Security Instructor
Dr. Wesley McGrew Photo Dr. Wesley McGrew Director of Cyber Operations HORNE Cyber
Charlene Mowery CISM, PE Photo Charlene Mowery CISM, PE Vice President of Global Business and Marketing, Cybersecurity SME Ultra Electronics, 3eTI
Ms. Sonia Mundra Photo Ms. Sonia Mundra President Chenega Analytic Business Solutions, LLC (CABS)
Michael Portera Photo Michael Portera Red Team Security Engineer Millennium Corporation
Jonathan Risto Photo Jonathan Risto
Robert Rounsavall Photo Robert Rounsavall Co Founder Trapezoid, Inc.
Kell Rozman Photo Kell Rozman Security Software Engineering Senior Manager Toyota Motor North America
Antonio (Tony) Rucci Photo Antonio (Tony) Rucci Director, InfoSec & Threat Intelligence GRIDSMART Technologies
Mr. Brian Ruf CISSP, PMP Photo Mr. Brian Ruf CISSP, PMP FedRAMP PMO SME FedRAMP/GSA
Greg Schaffer Photo Greg Schaffer Principal vCISO Services, LLC
Jake Schneider Photo Jake Schneider Director of Cyber Technologies GaN Corporation
Winn Schwartau Photo Winn Schwartau Chief Visionary Officer Winn Schwartau LLC
Jeffrey Shapiro Photo Jeffrey Shapiro Senior Cyber Operations Training Analyst, Principal SAIC
Dr. Joshua Stroschein Photo Dr. Joshua Stroschein Training and Academic Outreach Open Information Security Foundation
Trevor Vaughan Photo Trevor Vaughan Vice President Engineering Onyx Point, Inc.
Dr. Brad Wardman Photo Dr. Brad Wardman Head of Threat Intelligence PayPal
Mark Whigham Photo Mark Whigham Instructor Calhoun Community College
Mr. Wes Widner III Photo Mr. Wes Widner III Senior Cloud Engineer CrowdStrike
Shirley Zhao Photo Shirley Zhao Principal Program Manager, Product Security Compliance and Governance Blackberry

View AgendaView Speaker Listing


Attend NCS 2019 to meet and hear speakers like this!

Register Now