9:45 am MT Check-in for panelists, moderators, and discussants
10:00 am MTIntroduction by Jen Gaudioso
10:15 am MTPanel #1: R&D Priorities in the New National Cyber Strategy
5 panelists present for 10 minutes each, followed by 45 minutes of Q&A and discussion

Moderator: Nerayo Teclemariam

Panelists: Melissa Hathaway, Brian Gattoni, Guy Walsh, Scott Aaronson, Bobbie Stempfley

Overarching Question:
How might we advance cybersecurity in the public interest through strategic R&D investments?

Specific questions:
  1. Which R&D investments do you see as most critical for enabling you (or the U.S.
    government) to achieve strategic goals? Are there areas you think are overlooked or overhyped?
  2. What critical gaps do you see in U.S. capabilities as compared to China, Russia, and the rest of the world? How might R&D investments diminish or “leap” the gaps?
  3. Who has primary interests in driving forward R&D critical to meet national strategic goals? What might be done to promote coordination and partnership across siloed R&D communities?
11:45 am MTBreak
12:00 pm MTPanel #2: Challenges of Solving Systemic Weaknesses
5 panelists present for 10 minutes each, followed by 45 minutes of Q&A and discussion

Moderator: Zachary Benz

Panelists: Eugene Spafford, Heather Adkins, Cristin Goodwin, Michael Sikorski, Han Lin

Overarching Question:
Secure, low-defect software and the authentication of trusted users are foundational elements for any cybersecurity strategy. We rely on complex pieces of software for everything from the most critical functions to mundane tasks, yet assessing software for modification or flaws is incredibly challenging. Simultaneously, users are shifting to remote work, requiring access to resources from new devices, locations, and networks. Managing identities, establishing new access policies, and re-evaluating trust poses serious challenges for even the most capable of organizations. How can we make progress on these two intractable and increasingly complex challenges?

Specific questions:
  1. What major strategic or systemic weaknesses result from an inability to trust software or to trust users, and what is the potential impact to the public?
  2. Where do you see the most opportunity for progress? What are indicators or
    metrics of progress?
  3. What technological processes, techniques, and tools are needed to manage
    ongoing and future threats in software security and user access management?
  4. What other uncertainties or disruptive technology trends are you tracking and
    how may they change the dynamics of cyber offense and defense in the future?
1:30 pm MTAdjourn