Skip Navigation Links
What We Do
AFEI Awards
Contact Us
Supply Chain Cyber Risk
Cyber Deterrence
AFEI Supported Events
Past Events
Industry News
Press Releases
Working Groups
Industry Advisory Group (IAG)
Section 804 Task Force

 Supply Chain Cyber Risk Forum 

Supply Chain Cyber Risk 

 Securing Supply Chains in the Cyber Domain 

Event Number



 12/6/2011  to 12/6/2011 


 The Ritz-Carlton Pentagon City, Arlington, VA 


 Tammy Kicker, [email protected] 


About the AFEI December Cyber Series

AFEI is holding two cyber-related events back-to-back in December to address two of the critical aspects of the cyber ecosystem: 

Supply Chain Cyber Risk Forum - understanding supply chain risk from cyber vulnerabilities and building trusted/assured sources of supply for defense, homeland security, critical infrastructure and economic well-being; and

Cyber Deterrence Forum - applying deterrence principles to the cyber domain.

Attend both events and receive special discount of $75 off of the Cyber Deterrence registration fee.  You must contact Tammy Kicker ([email protected]) to take advantage of this offer.  See Registration tab for details.

AFEI is hosting these in conjunction with the NDIA Cyber Division, which it co-chairs.  For more information on the Cyber Division go to the NDIA Cyber Division web site page here.

2nd Annual Supply Chain Cyber Risk Forum 

"The risk of compromise in the manufacturing process is very real and is perhaps the least understood cyber threat."

- Former Deputy Secretary of Defense William Lynn

Supply chains are critical parts of larger enterprises.   Attention must be paid to all things coming into that enterprise that could, like a mosquito carrying a disease, introduce vulnerabilities.  

The Defense Department, through efforts such as the Trusted Foundry program and use of standards like Common Criteria (ISO/IEC 15408), is working to reduce its supply chain vulnerability footprint.  This is not a small problem.  Some have recommended government measures that mandate significant and potentially onerous consequences for suppliers having inadequate cyber protections.

The House Republican Cybersecurity Task Force, however, recommends an approach based more on incentives rather than regulations.

The Cyber risks and vulnerabilities in an improperly managed supply chain, from counterfeit equipment to malware to other avenues of attack, are real and growing.   Agencies and departments are developing policies to keep a more watchful eye on vendors, partners, and others in their cyber supply chains and adopt best practices for mitigating risks across their systems and processes.

The question remains:  Will they be carrots or sticks?



8:30 AM


Ms. Jennifer Bisceglie
President, Interos Solutions, Inc.

 Brett Lambert

Keynote Address

Brett B. Lambert, Deputy Assistant Secretary of Defense, Manufacturing and Industrial Base Policy, DoD

Mr. Lambert is the principle advisor to the Under Secretary of Defense for Acquisition, Technology and Logistics on all matters relating to the defense industrial base, including industrial capabilities and assessments; defense industry mergers, acquisitions and consolidation; preservation of essential industries and technologies; and other related matters.

9:15 AM


Mr. Larry Clinton, President and CEO, Internet Security Alliance

Mr. Clinton has been featured in USA Today, the PBS News Hour, the Morning Show on CBS, Fox News, CNN’s Situation Room, C-SPAN, and CNBC and has authored numerous professional journal articles on cyber security.  Mr. Clinton is regularly called upon to testify before both the U.S. House and Senate and promotes a pro-market, anti regulatory approach to cyber security as outlined in numerous publications, including the ISA Cyber Security Social Contract and the Financial Management of Cyber Security.

10:00 AM

Networking Break

10:30 AM

Understanding the Threat
Presentations from Government and Industry on the threats that supply chains face and protective measures being implemented.

Steven R. Chabinsky, Deputy Assistant Director, Cyber Division, Federal Bureau of Investigation (invited)

Mr. Chabinsky serves as Deputy Assistant Director within the FBI's Cyber Division. The Cyber Division manages all FBI domestic and international investigative and outreach efforts focused on protecting the United States from cyber attack, cyber espionage, online child exploitation, Internet fraud, intellectual property rights theft, and other high technology crimes.

11:00 AM Jeffrey W. Irvine, Deputy Assistant Director, Office of Investigations, US Secret Service

11:30 AM


Marcus H. Sachs, P.E., Vice President - National Security Policy, Verizon (invited)

Marcus is Verizon's Vice President for National Security Policy with responsibility for directing Verizon policy development and advocacy on issues ranging from critical asset protection to cyber security and emergency preparedness. He works closely with external government and business stakeholders in task forces, working groups, committees, and trade associations as part of the National Security/Emergency Preparedness (NS/EP) community in the Nation's Capital. In January 2011 he was elected to Vice Chair of the Communications Sector Coordinating Council.

12:00 PM


1:00 PM

I Really Need That Big Stick – Government Initiatives to Protect Supply Chains
Moderated by Don Davidson, Chief, Outreach, Science & Standards (CNCI-SCRM) Trusted Mission Systems & Networks (TMSN) Office of the DoD-CIO

Invited Panelists:

  • Mitchell Komaroff, Director, Trusted Mission Systems and Networks, DoD CIO (invited)

  • Joe Jarzombek, PMP, CSSLP
    Director for Software Assurance at Dept of Homeland Security (invited)

  • Jon Boyens, Senior Advisor, Computer Security Division at NIST

  • Michelle Mullins, Canada

2:30 PM

Networking Break

3:00 PM

Carrots Work Better Than SticksPerspectives from Industry
Moderated by Ms. Jennifer Bisceglie, Interos Solutions, Inc.

Senior representatives discuss the partnership between government and industry that is essential to achieve levels of assurance that will protect supply chains without excessive burdens on industry or government.

  • Samuel Chun, Cyber Security Practice, HP
  • Lawrence Hurst, Fraud & Anti-Counterfeit Program Manager, Intel (invited)
  • Andras Szakal, VP and Chief Technology Officer, IBM Federal Software
  • Waide Jones, Information Security Strategist, Lockheed Martin (invited)
  • Steve Lipner, Microsoft, Chairman of SAFECode 

4:30 PM

Summary Panel – What did we hear, where do we go?
Moderator: Dave Chesebrough, President, AFEI

  • Ms. Jennifer Bisceglie, Interos Solutions, Inc.
  • Don Davidson, Chief, Outreach, Science & Standards (CNCI-SCRM) Trusted Mission Systems & Networks (TMSN) Office of the DoD-CIO

5:00 PM


The Ritz-Carlton, Pentagon City
1250 South Hayes Street
Arlington, VA 22202
(703) 415-5000

Map & Directions


Day Valet Parking is $18/day, overnight Valet is $30/day

Parking is also available at the Fashion Centre Pentagon City

Garage parking access is available from either 15th Street or Army-Navy Street.
For more information call: 703-415-2150

Parking rates:

0-2 hours     $ 2.00
2-3 hours     $ 3.00
3-4 hours     $ 4.00
4-5 hours     $ 5.00
5-6 hours     $ 6.00
6-8 hours     $ 10.00
8-10 hours    $ 14.00
10-24 hours  $ 16.00

Location Information

  • Strategic proximity to the Crystal City and Rosslyn business districts, Old town Alexandria, Capitol Hill and downtown Washington, DC
  • Closest proximity hotel to The Pentagon
  • Metro rail service on the Blue and Yellow line at the front door of the hotel
  • Central location to world class shopping at The Fashion Centre
  • Five minute drive to Ronald Reagan Washington National Airport (Two Metro stops)
  • Ten minute drive from downtown Washington, D.C. (Two Metro stops)

Contact Hotel



The Ritz-Carlton, Pentagon City
1250 South Hayes Street
Arlington, VA 22202
(703) 415-5000

While a room block has not been specified for this event, the hotel does offer the pervailing per diem rate based on occupancy and availabilty. When making a reservation please make mention of the event "AFEI Cyber Deterrence" for any available discount they may offer.

*The government per diem rate is available only to active duty or civilian government employees.  ID will be required upon check-in.  Retired military ID's do not qualify.



Attend the full Cyber Series
If you would like to attend both the Supply Chain Cyber Risk Forum and the Cyber Deterrence Forum please download this combined
event registration form. 
Complete and fax the  Cyber Series registration form.  
A $75 discount will be applied to the Cyber Deterrence Forum fee. 

Contact Tammy Kicker ([email protected]) for any assistance on how to complete the registration process and receive the discount. 


Attend the Supply Chain Cyber Risk Forum Only

Online registration open till December 1, 2011.

Note: Online registration for AFEI events is through the NDIA customer portal.  AFEI is an affiliate of NDIA.

Unfamiliar with registering for an AFEI or NDIA event? 
Check out this brief

Register Now Online!

Or you may download the Registration Form 2A06 to fill out and fax back with payment information.


( by November 23rd )

 (after November 23rd)

and Academia

 $ 249

$ 349 

AFEI Member NDIA Member and affiliates

 $ 449

$ 549

Industry Non-member

 $ 549

$ 599 

*Only available for active-duty military and civilian employees of the Government.  Does not apply to contractors working for the government in any capacity.

Registration Policy

Please do not  mail any registrations after November 28, 2011
You may register online or fax a completed registration form until COB Thursday, December 1, 2011.  After this date, bring your registration form with you to the conference for onsite registration. 
Registrations will not be taken over the phone; payment must be made at the time of registration. 

Cancellation Policy

Cancellation requests received before November 23rd will receive a full refund.   No refunds will be given for cancellations received after November 24th.  Substitutions are welcome in lieu of cancellations as long as there is no change in the financial transaction.  All substitutions and cancellations must be made in writing to Tammy Kicker at [email protected].



Sponsorships provide maximum visibility and brand recognition. You can strengthen your market position, make key contacts, showcase your products and services, and develop relationships with new customers, while reinforcing your existing customer relations. Sponsorships add a critical tool to your current marketing strategy.

Promotional Partner for $1,500 

Benefits include:

  • Logo on the conference event web site
  • Company name on filler slides at conference
  • Recognition from the podium
  • Event Signage
  • 1 complimentary conference registration

Contact Betsy Lauer at [email protected] or 703-247-9473 for details on this event, or combine your sponsorship at both AFEI December cyber related events.


For Attendees

This symposium addresses the following questions:

  • Update:  What’s happened since the last seminar and what’s new in the 2012 FY that we need to be aware of?
  • What policy and legislation approaches are best in addressing this problem?
  • What are new policies and models for trusting suppliers, their supply chains and systems? Are current policies and those under consideration regarding suppliers and counterfeiting really going to be effective?
  • Self-regulation vs government mandates – which is the more effective method?
  • Do stringent requirements endanger fragile industries?
  • Do half-measures provide inadequate protections?
  • What are the unintended consequences of physical and cyber intersections for supply chains?
  • How are real issues in this space defined and differentiated from non-issues?

The Comprehensive National Cybersecurity Initiative (CNCI) Initiative 11 recommends developing a multi-pronged approach for global supply chain risk management.   This initiative should provide “a robust toolset to better manage and mitigate supply chain risk at levels commensurate with the criticality of, and risks to, their systems and networks.”

Who Should Attend?

Over one hundred and twenty five professionals in this area attended the first Cyber Supply Chain Forum.  They represented a cross-section of businesses, large and small, who are participants in a supply chain and who have a stake in the outcome of debates on these topics.

Budget talks have stalled some action on this issue, but it is coming.  Industry is realizing that being a "good supplier" means having adequate cyber protections, both for its own intellectual property and for the Government data it is privileged to maintain or have access to.

The time is coming when some for of auditable certification of cyber protection will be required to obtain Government business.

If you want to gain insights on what the future holds, participate in these critical discussions, be a part of the solution and not the problem, and network with others to learn what they are doing, then this event is for you.