SUMIT_2015

The 11th annual Security at University of Michigan IT (SUMIT) was held on Thursday, October 22. As the university's flagship event for National Cybersecurity Awareness Month, SUMIT is an exciting opportunity to hear nationally recognized experts discuss the latest technical, legal, and operational trends and threats in cyberspace. This year, among our special guests, we were honored to welcome Governor Rick Snyder as our SUMIT keynote speaker.

SUMIT_2015 broke all previous registration records with 899 people registering and 466 attending the event at Rackham Auditorium. An additional 260 unique viewers watched the live stream webcast throughout the day. These individuals represented more than 160 universities, corporations, small businesses, and nonprofits from around the country.

Video and Materials

Speakers

The Honorable Rick Snyder

The Honorable Rick Snyder

Governor of the State of Michigan

SUMIT Keynote

When Rick Snyder became Michigan's 48th Governor in 2011, he pledged a commonsense approach to governing that focused on working together to find solutions for the state's toughest problems. With the self-proclaimed moniker "one tough nerd," Governor Snyder has focused on making government more efficient and effective for Michigan's citizens. In his first term, the state has passed four balanced budgets, eliminated a $1.5 billion deficit and reformed burdensome tax and regulatory codes that were stifling business growth and job creation.

Raised in a Battle Creek home known for a strong work ethic and service to others, Governor Snyder's upbringing has aided in leading the state's comeback. A homemaker and a small business owner, his parents demonstrated the value of hard work.

After graduating the University of Michigan, he joined accounting firm PwC (formerly Coopers & Lybrand). There, he met his wife Sue. They are the proud parents of Jeff, Melissa and Kelsey.

Following a successful career as partner at Coopers & Lybrand, Governor Snyder joined Gateway as President and COO. He later returned to Michigan to cofound an Ann Arbor-based venture capital fund. The Governor's background as a successful job creator has helped him better serve Michigan, producing results that earned him Public Official of the Year in 2014 from GOVERNING magazine.

In Governor Snyder's first term, Michigan created nearly 400,000 new private sector jobs. Today, Michigan's unemployment rate is at its lowest point in 14 years.

He successfully implemented Healthy Michigan, an innovative and bipartisan plan that has provided affordable and quality healthcare for more than 500,000 hard-working Michiganders.

Among his greatest achievements, Governor Snyder built a bipartisan coalition of Michiganders to put Detroit on a path to success.

With the Governor's unwavering commitment, Detroit has emerged bankruptcy poised to be one of the great comeback stories in American history.

The Governor's "Relentless Positive Action" has brought solutions to pressing problems and renewed optimism in Michigan's future.


Ari Schwartz

Ari Schwartz

Managing Director of Cybersecurity Services, Venable & Former Senior Director for Cybersecurity U.S. National Security Council Staff, White House

Morning Keynote Speaker & Panelist: Defining Cybersecurity to Protect Rights and Liberties

Some have suggested that the US Government uses the term "Cyber" as a noun or modifier to be purposely broad and unspecific and the term "Cybersecurity" is used to take away basic rights and liberties in the name of national security or law enforcement efforts. However, as new policy is implemented, efforts are underway to ensure that privacy and freedom of expression are protected. Former Special Assistant to the President and White House Senior Director for Cybersecurity, Ari Schwartz, will discuss the current threats to connected systems with an emphasis on what concerns may come from how federal cybersecurity programs are being built, but also what can be done to protect both security and privacy at the same time.

Ari Schwartz is Venable’s Managing Director of Cybersecurity Services. Mr. Schwartz directs the cybersecurity consulting services for Venable, assisting organizations with understanding and development of risk management strategies, including articulation of the Cybersecurity Framework and other planning tools to help minimize risk.

Prior to joining Venable, Mr. Schwartz was a member of the White House National Security Council as Special Assistant to the President and Senior Director for Cybersecurity. Mr. Schwartz coordinated all network defense cybersecurity policy, including critical infrastructure protection, federal network protection, supply-chain efforts, cybersecurity standards promotion, and information sharing. He led the White House’s legislative and policy outreach to businesses, trade groups, academics, and civil liberties groups on cybersecurity and developed new policies and legislation, including development of the Executive Orders on the Security of Consumer Financial Protection, Cybersecurity Information Sharing, and Sanctions Against Individuals Engaging in Malicious Cyber-Enabled Activities. Additionally, he led the successful rollout of the White House Cybersecurity Framework and the White House Cybersecurity Summit held at Stanford University.

Mr. Schwartz also served in the Department of Commerce, where he advised the Secretary on technology policy matters related to the National Institute of Standards and Technology (NIST), the National Telecommunications and Information Administration (NTIA), and the U.S. Patent and Trademark Office (USPTO). He led the Department’s Internet Policy Task Force and represented the Obama Administration on major Internet policy issues on privacy and security before Congress, at public events, and before the media.

Prior to entering government he worked at the Center for Democracy and Technology, including serving as Vice President and Chief Operating Officer and developing policy related to privacy, cybersecurity, and open government.


Professor J. Alex Halderman

Professor J. Alex Halderman

Morris Wellman Faculty Development Assistant Professor of Computer Science and Engineering and Assistant Professor of Electrical Engineering and Computer Science, College of Engineering, University of Michigan

Moderator

J. Alex Halderman is an assistant professor of computer science and engineering at the University of Michigan. His research spans computer security and tech-centric public policy, including topics such as software security, data privacy, electronic voting, censorship resistance, and cybercrime, as well as technological aspects of intellectual property law and government regulation. He holds a Ph.D. from Princeton University.

A noted expert on electronic voting security, Professor Halderman helped demonstrate the first voting machine virus, participated in California's "top-to-bottom" electronic voting review, and exposed election security flaws in India, the world's largest democracy. He recently led a team from the University of Michigan that hacked into Washington D.C.'s Internet voting system. In his spare time, he reprogrammed a touch-screen voting machine to play Pac-Man.


John Townsend

John Townsend

Manager of Information Protection and Security at DTE Energy

Guest Speaker: The Top Ten Threats Facing the Electric Sector - Well, Maybe Not Just the Electric Sector

Hardly a week passes without a media headline telling foreboding stories of the electrical grid being vulnerable to cyber attacks by nation states. In March of this year USA Today reported that the "U.S. national power grid faces physical or online attacks approximately "once every four days," threatening to plunge parts of the country into darkness."

This presentation will focus on the work the electric and gas sectors have done to identify the top cyber and physical threats facing them. The framework describes: the threats, impacts of a realized threat, potential threat actors, attack vectors, and mitigations.

The question is: Are these threats unique to the electric and gas sectors, or can we all benefit from this work?

John Townsend is the Manager of Information Protection and Security at DTE Energy. This group is responsible for securing the electronic perimeter of the corporation, which includes network and application security, security risk assessments, and the future direction of information security.Previous leadership assignments at DTE Energy include: Manager of Infrastructure and Software Group within the DTE2 project, Manager of Telecommunications Operations, and Manager of Technology Planning and Consulting. Townsend also played a key role on the DTE Energy/MCN Information Technology Merger Team. He has worked at DTE Energy for 19 years, has a BS in Business from Central Michigan University, and has completed post-graduate work at Wayne State University and the University of Michigan.


David Sobel

David Sobel

Senior Counsel for Electronic Frontier Foundation

Panelist

David Sobel is Senior Counsel in Washington, DC, where he directs the FOIA Litigation for Accountable Government (FLAG) Project. David has handled numerous cases seeking the disclosure of government documents on privacy policy, including electronic surveillance, encryption controls and airline passenger screening initiatives. He served as co-counsel in the challenge to government secrecy concerning post-September 11 detentions and participated in the submission of a civil liberties amicus brief in the first-ever proceeding of the Foreign Intelligence Surveillance Court of Review. David is co-editor of the 2002 and 2004 editions of Litigation Under the Federal Open Government Laws. He is a recipient of EFF's Pioneer Award (2003) and the American Library Association's James Madison Award (2004), and has been inducted into the First Amendment Center's National FOIA Hall of Fame (2006). David was formerly counsel to the non-profit National Security Archive, and, in 1994, co-founded the Electronic Privacy Information Center, where he directed FOIA litigation and focused on government surveillance and collection of personal information. David is a graduate of the University of Michigan and the University of Florida College of Law.


Donald Welch

Donald Welch

Chief Information Security Officer, University of Michigan

Donald Welch, Ph.D. is the University of Michigan Chief Information Security Officer (CISO). As CISO, Don is responsible for the university's information assurance (IT security, privacy, IT policy, compliance, and enterprise continuity) program, including Ann Arbor, Flint, Dearborn, and the Health System. His charge also includes direct responsibility for ITS Information and Infrastructure Assurance.

Don's background includes executive positions in a wide range of industries, including retail, pharmacy, manufacturing, transportation, and IT services. Since 2006, Don was the president and CEO of Merit Network, a nonprofit organization governed by Michigan's public universities that provides a research and education network computer and related services. He has also been a leader in many national higher education organizations, including the Michigan Governor's Cyber Security Advisory Council and the higher education cybersecurity advisory council to the FBI. In addition, Don was CIO and taught on the faculty at West Point, where he started the Academy's information security program.

During his time at Merit, Don won many awards. In 2010 he was named the "Grant Thornton/Lawrence Tech Leader and Innovator of the Year" as well as one of Michigan's Top CEOs by Corp! Magazine. In 2012 he was honored by the White House as a "Champion of Change" for leading one of the best infrastructure projects funded by the Recovery Act. In 2013, Merit won the 21st Century Achievement Award from the Computerworld Foundation.

Don served for 25 years in the U.S. Army, attaining the rank of Colonel and earning the Legion of Merit for his service. During his time, he has earned the Army's Ranger Tab and Paratrooper Wings.

Don received a B.S. from the United States Military Academy, West Point, New York, a M.S. in Computer Science from California Polytechnic State University, San Luis Obispo, and he earned a Ph.D. in Computer Science from the University of Maryland, College Park.


Tom Winterhalter

Tom Winterhalter

Supervisor for the FBI Detroit Division's Cyber Squad

Panelist

SSA Tom Winterhalter is currently the Supervisor for the Detroit Division's Cyber Squad, and is the Cyber Program Coordinator for the Detroit Division, which encompasses the entire state of Michigan. He has been a Special Agent since 2003 where he was first assigned to the FBI's Detroit Division investigating Cyber Matters. From August 2009 through February 2011, SSA Winterhalter took an assignment to the FBI's Cyber Division in Washington, DC as a program manager. As a program manager his responsibilities included program guidance and support for six field offices and five legal attaché offices. Additionally, while at FBI-HQ he was one of the founders and coordinators for the Cyber Division's ICS/SCADA TFC (Industrial Control Systems/Supervisory Control and Data Acquisition Threat Focus Cell). Prior to the FBI, he worked as an ASIC Engineer designing computer chips for Compaq and Hewlett Packard, and he holds a Bachelor of Science in Electrical Engineering from the University of Michigan.


Jen Miller-Osborn

Jen Miller-Osborn

Cyber Threat Intelligence Analyst, Palo Alto Networks

Panelist

For more than twelve years, Jen has worked in cyber threat intelligence and served as a Subject Matter Expert to multiple US federal agencies. She has influenced national cyber security policies and regularly briefed at all levels of government. Her focus is detecting, identifying, and differentiating between cyber-espionage and cyber-crime actors and groups. A veteran of the US Air Force, she is fluent in Mandarin Chinese. Jen has several degrees and technical certifications, including a Master of Science degree in information technology from the University of Maryland.


Colonel Jon Brickey

Colonel Jon Brickey

Army Cyber Institute Partner Relations Director for the National Capital Region

Panelist

Colonel Jon Brickey currently serves as the Army Cyber Institute Partner Relations Director for the National Capital Region. His previous military assignment was at the United States Military Academy from 2011 to 2014, where he served as the Army Cyber Command Fellow and Assistant Professor in the Department of Social Sciences and the Combating Terrorism Center. Initially commissioned in the Field Artillery through the United States Military Academy in 1991, Colonel Brickey has served in Army/Joint tactical and operational positions in the United States, Europe, and Southwest Asia, including company command in V Corps Artillery, Wiesbaden, Germany. He has held leadership positions in Cyber-related programs at the National Security Agency, Northern Command, Army Central Command, and Army Cyber Command.

Colonel Brickey is an Information Systems Officer and Certified Information Systems Security Professional (CISSP). He also serves as a Senior Fellow with the Center for Cyber and Homeland Security (CCHS) at the George Washington University and as an editorial board member for Military Cyber Affairs.

Colonel Brickey holds a B.S. in Political Science from the United States Military Academy, a Master's Certificate in Homeland Security and Defense from the University of Colorado, an M.S. in Information Technology Management from the Naval Postgraduate School, and a Ph.D. in Computer Science and Information Systems from the University of Colorado.


Randy Hegarty

Randy Hegarty

Enterprise Security IT Manager, CISO Office, Penn State University

Panelist

Randy Hegarty is currently the Enterprise Security Manager for the Office of Information Security at Penn State University, which is responsible for a multi-campus environment throughout the state of Pennsylvania. Before moving to Penn State in 1998, he worked in software engineering with The Raytheon Systems Company. He worked for several years at Penn State advancing systems and networks within the Smeal College of Business. Randy has been with the Penn State security office for the last 14 years. Helping to build a proactive cyber security unit within the office, he manages teams who help protect and assist the University to improve its stance against cyber threats within the environment. He holds a Bachelor's degree from The Pennsylvania State University.