As wearables, AR, and connected healthcare devices become ubiquitous, people are increasingly reliant on nonstop, secure connectivity for health, information, and entertainment. With this great convenience comes great risk; some threats are obvious and some quite subtle. In this discussion, we’ll examine the three key links in the chain, potential weaknesses and how to secure them:
As these are often provided by different entities, standards and interoperability become important, but each of these links is subject to risks and limitations imposed by the other. In this presentation, we’ll discuss the best practices for secure design and validation at each step to ensure a trusted and reliable hyper-connected world.Learning Objective:
The battle rages on in the race to find, recruit and educate the future of the cybersecurity workforce. Join Kiersten Todt, chief of staff at the Cybersecurity & Infrastructure Security Agency (CISA) and Clar Rosso, CEO, (ISC)2, for a discussion on the best practices that hiring managers in the public and private sectors should employ to expand the search for the diverse cybersecurity talent needed on tomorrow’s front lines.Learning Objective:
In this session, we’ll highlight the work happening at CMS to accelerate the development and maintenance of secure software. Platform container orchestration, continuous delivery pipelines, and a continuous purple team are all parts of the puzzle that makes up the batCAVE.Learning Objectives:
The adoption of Zero Trust has gained momentum fueled by changing threat vectors and move towards remote work that is redefining the security perimeter. Govt Agencies are in a rush to modernize their cyber security architecture to meet these demands and comply with the Executive orders. In this session, we will break down Zero Trust, describe an approach to conducting a Zero Trust maturity assessment and discuss how organizations can implement a roadmap for success.Learning Objectives:
Hear from cybersecurity leadership representing the financial, social and industrial sectors as they share insights and lessons learned on how to detect and deter internal and external threats. This session will address the insider threat, their focus on people, how to stay on top of external threats, and what keeps these leaders up at night when it comes to the ever-changing threat landscape.
The National Institute of Standards and Technology is updating the NIST Cybersecurity Framework to keep pace with the evolving cybersecurity risks, standards, and technology landscape. Join this session to learn about the update process for the Cybersecurity Framework 2.0, including areas of focus and stakeholder feedback received thus far, as well as how to get engaged in the process to share your feedback about the use and potential improvements to the Framework.
High-profile individuals in both the public and private sector are frequent targets of threat actors aiming to exfiltrate data, commit fraud, take over their accounts, disseminate false information, impersonate or extort them. Such forms of malicious exploitation often lead to initial compromise, facilitate costly ransomware attacks, and result in operational, financial, and reputational losses.
This session will highlight the benefits of an intelligence-based security program to reduce executive exposure - and therefore risk - in a world of rapidly evolving threats. We’ll also examine the process of building or maturing an Intelligence program that empowers an agency to move from a reactive to a proactive security posture and stay ahead of the enemy.