Hack the Capitol 6.0 Schedule
Introduction, Security Briefing, and Opening Remarks by Charles Clancy
Keynote - A Fireside Chat with CISA Director Jen Easterly
T1 Session 1 - Balancing National Resiliency and Innovation: How to do Effective Critical Infrastructure Cyber Regulations
Mark R Bristow
T1 - Session 2 - VC Perspectives on Cybersecurity Investing
T1 - Session 3 - Cyber Critical Infrastructure Security and Resilience
Keynote - A Fireside Chat with the CISO of NYC Kelly Moan
Closing Remarks and Wrap-up
Keynote - A Fireside Chat with TSA Administrator David Pekoske
T1 - Session 5 - Cyber Informed Engineering - "Secure by Design" for Critical Infrastructure
T1 - Session 6 - Information Overload! What's Actually Helping, and What Matters Most for OT Defense?
T1 - Afternoon Session Kickoff - Remarks from Congresswoman Laurel Lee
T1 - Session 7 - Meet the Press. (The good ones, anyway.)
T1 - Session 8 - ICS and IoT: The Convergence
Closing Remarks and Wrap-up
T2 - Session 1 - The Unlikely Romance: Critical Infrastructure Edition
Casey John Ellis
T2 - Session 2 - What it Will Take to Fix PPD-21
T2 - Session 3 - The Central Role of Space in Terrestrial Critical Infrastructure Operation and Resiliency
T2 - Session 4 - Stunted Growth: Raising Awareness for Cyber Risks in the Agricultural Sector
T2 - Session 5 - What’s Next for the Cyber Safety of National Water Service?
T2 - Session 6 - The Pineapple on Pizza of IT and OT
T2 - Session 7 - When Everything Is Critical, Nothing Is: ISA and Mitigation Prioritization
Mark R Bristow
T2 - Session 8 - Outside the Beltway: Lessons in Cyber Mutual Aid and Collective Defense from NYC
T2 - Session 9 - DOE Technology, Tools, and Funding for ICS Cybersecurity
T2 - Session 10 - Inside an OEM Supply Chain Security program
T2 - Session 11 - Cybersecurity Regulation: When Does it Make Sense and When Doesn't it?
T2 - Session 12 - No Going It Alone - Critical Infrastructure Lessons from Recent Conflicts
T2 - Session 13 - IoT Cybersecurity For Federal Agencies (And Everybody Else)
T2 - Session 14 - Regulating critical infrastructure security
T2 - Session 15 - Tip of the Spear: Understanding the Operating Environment of Government Contractors
T2 - Session 16 - The Most Critical of Critical Infrastructure
Chatham House Rule applies to Technical Track content. Participants are free to use the information received, but neither the identity nor the affiliation of the speaker(s), nor that of any other participant, may be revealed.
T3 - Session 1 - Cyber Mutual Assistance – Response and Recovery is a Team Sport
T3 - Session 2 - Why Big Data Is Not Enough - The Value of Little Data
Mollie Caroline Breen
T3 - Session 3 - Dodging the Prevention Silver Bullet
T3 - Session 4 - Tactical Risk Reduction in ICS/OT Environments
Don C Weber
T3 - Session 5 - Hack-A-Sat: Connecting Space And Cyber Resiliency Stimulated Through Competition
T3 - Session 6 - From Steam Engines to Cyber threats: An Introduction to Railroad OT Systems and Threats
T3 - Session 7 - 10 years of OT Cybersecurity; what's established, and what to look forward to in the next decade!
T3 - Session 8 - Tying Security Architecture into Control Room Operations
T3 - Session 9 - Security in Energy Distribution: It Ain’t Easy Being Green
T3 - Session 10 - Open-Source ICS Cybersecurity Tools for Small and Medium-Sized Asset Owners
T3 - Session 11 - XRVillage: The Road to Securing Every Version of Your Reality
T3 - Session 13 - Use This One Weird Trick To Hack Smart Meters
T3 - Session 14 - Is OT Cyber Repeating IT Cyber Mistakes?
T3 - Session 15 - Flight Delayed: Mitigating Air Travel Cybersecurity Risks
T3 - Session 16 - From Compliance to Continuity: How Deeper OT Asset Data Enables Maturity in Cybersecurity for Resilience, Safety, and Performance
Visit the Aerospace Village, a registered 501(c)(3) organization, to learn more about our mission to build, inspire, and promote an inclusive community of next-generation aerospace cybersecurity expertise and leaders. Our aviation and space experts will demonstrate the impact of ICS vulnerabilities on airport lighting systems, along with displaying a CubeSat/FlatSat. Learn how the Air Force created its one-of-a-kind Hack-a-Sat Capture the Flag competition. Get hands on with Bricks-in-the-Air to learn about keeping aircraft control systems secure.
Biohacking / Medical Device Village
The BIOHACKING Village, a 501(C)3 organization, will have a wide variety of medical devices on display for discussion and questions. Our team will be ready to discuss and demonstrate how these devices can be remotely attack and negatively impact patient safety.
CISA and INL ICS Escape Room
CISA's Industrial Control Systems Section (ICSS) and Idaho National Labs (INL) are offering participants a unique Cyber-focused Escape Room! Teams of up to 12 participants will have their teamwork, knowledge, and problem-solving skills tested as they attempt to stop malicious cyber criminals from causing catastrophic damage to the Nation's critical infrastructure. With a wide range of difficulty and complexity in the challenges, this is a perfect event for newcomers to cybersecurity as well as seasoned incident responders - all will be challenged and will leave (if they make it out!) with a new understanding and appreciation of cybersecurity and infrastructure security concepts. All are welcome - individuals and smaller groups will be merged together as needed.
DOE CESER and INL team up with a demonstration of the world-renowned CyberStrike LIGHTS OUT training for Hack the Capitol. Participants will be guided through a hands-on demonstration of the cyberattack process used by an adversary to remotely turn off electricity to a quarter million customers in Ukraine.
MITRE Caldera™ OT Unit Simulation
Come experience a MITRE CalderaTM for OT demonstration unit representative simulation of a three-floored manufacturing facility representing OT systems including facility access and safety components. The simulation includes CALDERA™ OT software enabling emulated adversary action against these representative systems.
The National Cryptologic Museum will be exhibiting and demonstrating a captured German Enigma machine. Swing by to see how these machines were employed to encrypt and decrypt sensitive communications. Ask us how it was ultimately defeated and how the Allied forces benefited from the compromised communications.
The Open Organisation Of Lockpickers, or TOOOL, is an international group of lockpicking enthusiasts dedicated to advancing the general public knowledge about locks and lockpicking through teaching, research, and competition. TOOOL in the United States is a 501(c)(3) non-profit organization with Chapters in more than 20 states, including affiliated Chapters in Canada.
GRIMM will demonstrate what a cyberattack can do to critical infrastructure. They will use the Scythe Platform for Threat Emulation to demonstrate actual Tactics, Techniques, and Procedures (TTP) that an adversary would use against a network.