Fighting cyber threats with Identity Management

Zachary Brown was selected as the Chief Information Security Officer in March of 2018. Prior to joining the FDIC, Zachary was the Chief Information Security Officer for the Consumer Financial Protection Bureau (CFPB). The CFPB was established under the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010, and has embraced a cloud first technology strategy since the bureau’s inception. As the CISO for a start-up, 21st Century agency, Mr. Brown leads the bureau’s efforts to secure systems and data using innovative tools and tactics.

Mr. Brown has a rich background in information security that began in the U.S. Marine Corps, and includes service to civilian, defense and intelligence agencies. Prior to joining the CFPB in 2011, Mr. Brown served as the Associate Director for Cybersecurity Architecture and Engineering for the Internal Revenue Service. In this role, Mr. Brown led the transformation and delivery of Security Engineering, Disaster Recovery and Security Management Services for the nation’s tax processing systems and applications.

Among Mr. Brown’s accomplishments, he holds an AA in Arabic, a BS in Business Administration, and a Master’s Degree in Cybersecurity. His professional certifications include the Certified Information System Security Professional (CISSP), Information System Security Engineering Professional (ISSEP) and the Project Management Professional (PMP).

Greg currently serves as Assistant Director and Chief Information Security Officer (CISO) for the Department of Justice (DOJ), Executive Office for the United States Attorneys’ (EOUSA). Greg joined the U.S. Attorney’s in November of 2014 after completing eight years in the Intelligence Community with the Office of the Director for National Intelligence (ODNI). In his current capacity, he oversees the Cybersecurity Program supporting the Executive Office for the United States Attorneys (EOUSA) Information Technology Enterprise as well as all 94 United States Attorney’s Offices (USAOs) located throughout the United States and U.S. Territories including Puerto Rico, the Virgin Islands, Guam, and the Northern Mariana Islands. The United States Attorneys’ (USA) serve as the nation's principal litigators under the direction of the Attorney General. While serving as the CISO for USA and under Greg’s leadership, the Cybersecurity Program had several notable achievements including championing key Departmentally-sponsored FedRAMP authorizations as part of a set of key Commercial Cloud services acquisitions. These technologies included Box Enterprise Cloud Content Collaboration Platform (SaaS), Okta Identity as a Service (IDaaS) and Veritone aiWARE Government (SaaS). Under Greg’s leadership, the U.S. Attorneys’ deployed the first federal government instance of Box using Okta Identity as a Service in support of the United States Attorneys Secure File Sharing initiative (USAfx). Greg also led the first government/commercial integration and deployment of SailPoint IdentityIQ and Okta Identity as a Service leading to the development of a productized connector and commercial offering leveraging both solutions. Greg worked with the Department of Justice achieving a similar integration with SailPoint IdentityIQ and CA’s Xceedium Privileged Access Management solution. In addition to USA’s cloud security achievements, Greg developed the strategy and led the acquisition of McAfee’s Endpoint Security and Encryption solution as part of the USA hardware and image refresh which was also the first McAfee and Windows 10 integration within the Department. Most recently, Greg led the development and implementation of a DoJ sponsored IdAM Service Offering providing an AWS account level security framework, SailPoint AWS architecture and Okta IDaaS supporting external user workflows and SailPoint connector integration.

Greg served as a Senior Risk Executive for the ODNI leading two major programs within the Intelligence Community including Identity and Access Management and the implementation and oversight of Intelligence Community Directive 503 “Intelligence Community Information Technology Systems Security Risk Management.” Greg is a two-time recipient of the National Intelligence Meritorious Unit Citation for his leadership and vision in establishing the IC’s first federated access management service (Unified Authorization and Attribute Service) and for completing the first “NIST Risk Management Framework” based Certification and Accreditation of the Intelligence Community’s Information Technology Enterprise (IC ITE) initiative. Greg also received the National Intelligence Certificate of Distinction for his leadership and vision in support of the Identity Intelligence Task Force ultimately establishing the Identity Intelligence Framework in support of key defense, homeland security, diplomatic, law enforcement and Intelligence Community initiatives. Greg is credited with key contributions in the development and publication of NIST Special Publication 800-53 Revision 4 “Security and Privacy Controls for Federal Information Systems and Organizations.” In 2008, he completed 20 years of military service as a Signal Officer. He deployed for both Operation Desert Shield/Storm and Operation Iraqi Freedom and is the recipient of the Bronze Star.

Greg’s information technology career spans 34 years supporting both private and public sectors including Cisco Systems, Northrop Grumman, the Department of Defense, the Intelligence Community and most recently the Department of Justice. Greg lives in Leesburg Virginia and is the father of two girls, Emelia 9 and Ellie 11. Greg is both an ROTC and Athletic scholarship recipient and a graduate of The American University with a Bachelor’s of Science in Computer Systems Applications. He’s also completed 27 semester hours towards his MBA with University of Phoenix and is a graduate of Harvard Kennedy School’s Executive Education in Cybersecurity Policy and Technology Program. Greg received his active duty commission from Georgetown University’s ROTC program and is an alumni of the Hoya Battalion. He currently holds both Certified Information System Security Professional (CISSP) and Certified Ethical Hacker (CEH) certifications.

Ms. Janssen is the Director for Cybersecurity Architecture and Capability Oversight (A&CO) Directorate with the DoD CIO Cybersecurity office. The ACO Directorate provides oversight and leadership in Cybersecurity Architecture, Key Management, Identity Credential and Access Management (ICAM), Continuous Monitoring, Endpoint Security, Insider Threat, and Perimeter protections. Previously she was the Director for Cyber Workforce and Risk Management. She also supported the DoD CIO from Sep 2015 to Apr 2016 as the Program Manager/Contractor Officer’s Representative for the Office of Personnel Management’s Breach 2 efforts.

Prior to arriving at the DoD CIO, Ms. Janssen was a Division Chief within the Defense Information Systems Agency for various divisions that developed cyber capabilities for Perimeter, Cross Domain, Identity Management, Endpoint, Sensors and Analytics. She oversaw the acquisition of new cyber capabilities and ensured the successful operation and sustainment of existing capabilities. She was the DoD Deputy Program Manager for the Department of Defense Public Key Infrastructure (PKI) program from 2005 to 2014. During that time she also led the development of the Joint Enterprise Directory Services which provided people discovery and attribute services to the Department and the DoD enterprise Privilege Management capabilities to provide secure information sharing with DoD partners and unanticipated users. She also led various efforts in support of the DoD Enterprise Integration and Corporate Information Management initiatives.

Before arriving at DISA, Ms. Janssen was the Director of the Environmental Information Resource Management Office in the Office of the Deputy UnderSecretary of Defense (Environmental Security). Ms. Janssen entered the Department of Defense as an engineering intern at the U.S. Army Belvoir Research, Development, and Engineering Center, designing mobile water purification systems. She earned both a MS in engineering and BA in chemistry from the University of Virginia, and is DoD Level 3 certified in the program management and information technology career fields.

Jaime Lynn Noble currently serves as the Chief Information Security Officer for the Department of Justice’s (DOJ) Office of Justice Programs (OJP) where she provides leadership and direction for improving the effectiveness and consistency of the security of OJP information systems. In her current role, she is responsible for Technical Security Operations, Security Engineering, initial and on-going Security Assessments and Security Status Reporting to support On-going Authorization to Operate (ATO) as she continues to improve the OJP’s Information security risk management program and ensure information systems are in compliance with federal information security requirements.

Prior to her role within the Department of Justice (DOJ), Jaime served as the Deputy Chief Information Security Officer & Risk Management Program Manager at US Census Bureau. She began her federal career at Census in 2001 as a programmer supporting Demographic surveys and censuses. In 2008, she moved to the Office of Information Security (OIS) and led the Bureau's transition from the Certification & Accreditation Process to the Risk Management Framework. In 2014, Jaime and her team received the Department of Commerce Gold Medal Honor Award for developing an innovative security program that allows executives to better understand risk and determine the most cost- effective actions to manage them while minimizing the impact on the mission.

Jaime is a Certified Authorization Professional (CAP), a Certified Information System Security Professional (CISSP), has a Bachelor's Degree in Management Science & Information Systems from the Pennsylvania State University and a Master's Certificate in IT Project Management from the George Washington University. She currently serves as the government co-chair of the American Council for Technology and Industry Advisory Council (ACT-IAC) Cloud ATO Work Group, which serves to improve security standards in ways that are aligned with best practices, helping reduce the time, cost, and complexity of the Security Assessment & Authorization (SA&A) process of Cloud Service Providers to enable the Federal Government’s adoption of secure cloud services and technologies.

Adam Zeimet is the Branch Chief for Identity, Credential, & Access Management (ICAM) at the U.S. Department of Agriculture.

USDA’s ICAM program office oversees the implementation and adoption of ICAM principals and concepts throughout USDA and its component agencies. Functions include ICAM related policy oversight and management, implementation of HSPD-12 logical access enforcement, and managing enterprise-wide ICAM shared service solutions for authentication and identity management in support of USDA’s diverse Mission Areas.

Adam has worked in the Identity & Access Management field for over 15 years, both in the private sector as an IAM consultant and architect as well as in the public sector. Adam joined USDA in 2012 as the ICAM chief architect and currently serves as USDA’s Branch Chief and Program Manager for ICAM.

Bill works as an Account Executive at Radiant Logic in support of the Department of Defense. He has a focus on solving the complexity around identity to help enable the warfighter and the DoD’s mission objectives. He is also a Brand Ambassador for the Defense Entrepreneurs Forum whose purpose is to inspire, connect, and empower people by delivering tangible solutions and promoting a culture of innovation in the national security community.

5 years of experience with Federal Civilian and DoD customers.

Work with clients as a trusted advisor to ensure customers:
• Are following best practices deploying their privileged account security programs
• Give advice on how solutions the customer owns can help reduce attack surface and close common attack vectors
• Use the tool!
• Worked directly on DHS CDM PRIVMGT Continuous Diagnostics & Mitigation
• Experienced with DoD LoE, 800-53, 800-171, D(FAR)S, NIAP, RMF

Habib is a Solution Engineer at Okta where he helps Federal and DOD agencies implement strong identity and access management policies within a Zero Trust Framework. He started his career in telecommunications and infrastructure, bringing with him over a decade of end-user and IT operations experience. Prior to joining Okta, Habib was the ICAM lead for a Fortune 500 company where he deployed Okta and was responsible for its day to day operations in addition to his other responsibilities.

Frank Briguglio is a recognized thought leader and authority in Identity Governance, Administration (IGA), and Authentication & Access Controls. Throughout his career he has been involved in the design and implementation of identity-centric technologies and the development of identity standards. He has supported the Federal Identity, Credential and Access Management Subcommittee (FICAM) as a Subject Matter Expert and was involved in the development of the FICAM Roadmap; the Federal and DoD Public Key Infrastructure (PKI) and Federated Identity Standards adopted by FICAM E-Authentication program.

Frank has over 20 years’ experience supporting Federal Civilian, Department of Defense, and the Intelligence community. He has worked for industry leaders in the Security, Identity and Access Management space at Oracle, Microsoft, Netscape, Sun Microsystems and Deloitte and is currently the Public Sector Identity Governance Strategist at SailPoint.

Prior to his career in Enterprise Security and Identity Management he served in the United States Navy as a Cryptologist.

JJ Green is the National Security Correspondent at WTOP radio. He reports daily on international security, intelligence, foreign policy, terrorism and cyber developments and provides regular on-air analysis.

He joined WTOP on March 11, 2004. In the years since then, he has traveled to dozens of countries investigating, reporting and analyzing the U.S. war against terrorism and has interviewed the leadership of all the key national security components of the U.S. government and many security and foreign government officials around the world.

He hosts the weekly podcast, Target USA, which examines the threats facing U.S. He also hosts the weekly broadcast program “The Hunt,” and conducts in-depth interviews with experts on ISIS, al-Qaida, the Taliban and other emerging terror threats.

He’s been embedded with the U.S. military three times in war zones. He has reported from Kandahar, Zabul province and Kabul in Afghanistan. While embedded with the U.S. Air Force in 2006, he traveled 18,000 miles, to 10 countries, including Iraq, Djibouti, Afghanistan, Qatar, Kuwait, Kyrgyzstan, Turkey and others in 31 days, covering the war effort.

He has traveled to Israel, the Golan Heights, Israel’s borders with Syria and Lebanon, and Gaza. He interviewed Israeli and Palestinian political officials about the conflict there and the prospects for peace, and the roadblocks. Since 2013 he has spent a lot of time in North Africa, covering the rise and fall of ISIS and the flow of foreign fighters.

He is the recipient of the 2017 Gerald R. Ford Presidential Foundation award for Distinguished Reporting on National Defense for his series Anatomy of a Russian attack. He has also received a National Edward R. Murrow Award (2009) for “Hidden Hunter” — his reporting aboard a nuclear-powered, Los Angeles Class submarine underway in the Atlantic Ocean. He also won the prestigious Associated Press Douglas S. Freeman award in 2010 for his investigative series, “Dignity Denied,” which explored decades of neglect at America’s hallowed Arlington National Cemetery.

He has also won more than two dozen regional and local awards since he started working at WTOP. In 2012, he was honored by the University of Maryland, University College as their commencement speaker, in recognition of his broad body of national security reporting accomplishments. He has also been recognized by top national security officials for his deep knowledge of international affairs and ability to succinctly analyze complex issues.

In addition to his work at WTOP, JJ lectures regularly at universities and colleges on national security issues and speaks often to U.S. government, military and national security organizations. He is also a contributor to Jane’s Intelligence Review magazine.

Before joining team WTOP, he traveled to and reported on the events, issues, people and places of Africa, Latin America and Europe for the six years on public and international television. He began his career in Washington in 1989 at WMAL radio. In the mid-1990s he was trained as a TV correspondent at ABC News’ “Nightline.” Later he worked as a general assignment part-time correspondent at CNN. In the late 90s he was brought on at CSPAN as weekend host of the Washington Journal. In 1998, JJ began working as a correspondent for the Voice of America Television on Window on America and as host and correspondent of Africa Journal while traveling there frequently until he joined WTOP in 2004.

JJ graduated magna cum laude from Hampton University. He’s fluent in Spanish, speaks working level French and is studying Korean. An avid athlete, he is an accomplished speed skater, a regular runner, and swimmer, cross trainer and is an expert kickboxer.

You can email J.J. at jgreen@wtop.com or follow him on Twitter.