Thought Leader Insights: Securing the Hyperconnected World

Dec 9, 2022 8:00am ‐ Dec 9, 2022 8:55am

Identification: SS22DC14b

As wearables, AR, and connected healthcare devices become ubiquitous, people are increasingly reliant on nonstop, secure connectivity for health, information, and entertainment. With this great convenience comes great risk; some threats are obvious and some quite subtle. In this discussion, we’ll examine the three key links in the chain, potential weaknesses and how to secure them:

1. Endpoint devices themselves
2. The communication network, increasingly 5G
3. Back-end cloud services, including ZTA impact

As these are often provided by different entities, standards and interoperability become important, but each of these links is subject to risks and limitations imposed by the other. In this presentation, we’ll discuss the best practices for secure design and validation at each step to ensure a trusted and reliable hyper-connected world.

• Understand the risk factors across IOT deployments of any scale, starting at the individual devices then the network then the back-end cloud services that power them.

Welcome

Dec 9, 2022 9:00am ‐ Dec 9, 2022 9:05am

Identification: SS22DCNS

Fireside Chat With CISA: Recruiting the Next Line of Defense for our Cybersecurity Future

Dec 9, 2022 9:05am ‐ Dec 9, 2022 10:00am

Identification: SS22DC03

The battle rages on in the race to find, recruit and educate the future of the cybersecurity workforce. Join Kiersten Todt, chief of staff at the Cybersecurity & Infrastructure Security Agency (CISA) and Clar Rosso, CEO, (ISC)2, for a discussion on the best practices that hiring managers in the public and private sectors should employ to expand the search for the diverse cybersecurity talent needed on tomorrow’s front lines.

• /blalh;ijsadf

Concurrent Sessions (Select One)

Dec 9, 2022 10:30am ‐ Dec 9, 2022 11:25am

Identification: 001

From the CMS batCAVE: Laying the Groundwork for Realtime Application Security

Dec 9, 2022 10:30am ‐ Dec 9, 2022 11:25am

Identification: SS22DC04

In this session, we’ll highlight the work happening at CMS to accelerate the development and maintenance of secure software. Platform container orchestration, continuous delivery pipelines, and a continuous purple team are all parts of the puzzle that makes up the batCAVE.

• Learn about the PaaS mechanics of the CMS batCAVE
• Learn about the control inheritance model and how batCAVE can streamline security compliance efforts

Breaking Down Zero Trust

Dec 9, 2022 10:30am ‐ Dec 9, 2022 11:25am

Identification: SS22DC13

The adoption of Zero Trust has gained momentum fueled by changing threat vectors and move towards remote work that is redefining the security perimeter. Govt Agencies are in a rush to modernize their cyber security architecture to meet these demands and comply with the Executive orders. In this session, we will break down Zero Trust, describe an approach to conducting a Zero Trust maturity assessment and discuss how organizations can implement a roadmap for success.

• Learn how to approach Zero Trust Maturity Assessments for your organization
• Learn the key capabilities supporting Zero Trust maturity for most organizations

Concurrent Sessions (Select One)

Dec 9, 2022 11:35am ‐ Dec 9, 2022 12:30pm

Identification: 002

Birds of a Different Feather Hunt Together: How Diverse Industries Approach Internal and External Threats

Dec 9, 2022 11:35am ‐ Dec 9, 2022 12:30pm

Identification: SS22DC05

Hear from cybersecurity leadership representing the financial, social and industrial sectors as they share insights and lessons learned on how to detect and deter internal and external threats. This session will address the insider threat, their focus on people, how to stay on top of external threats, and what keeps these leaders up at night when it comes to the ever-changing threat landscape.

Evaluating and Improving NIST Cybersecurity Resources

Dec 9, 2022 11:35am ‐ Dec 9, 2022 12:30pm

Identification: SS22DC06

The National Institute of Standards and Technology is updating the NIST Cybersecurity Framework to keep pace with the evolving cybersecurity risks, standards, and technology landscape. Join this session to learn about the update process for the Cybersecurity Framework 2.0, including areas of focus and stakeholder feedback received thus far, as well as how to get engaged in the process to share your feedback about the use and potential improvements to the Framework.

Threats Outside the Agency Perimeter: The Not-So-Secret Backdoors into Your Organization

Dec 9, 2022 1:30pm ‐ Dec 9, 2022 2:25pm

Identification: SS22DC08

High-profile individuals in both the public and private sector are frequent targets of threat actors aiming to exfiltrate data, commit fraud, take over their accounts, disseminate false information, impersonate or extort them. Such forms of malicious exploitation often lead to initial compromise, facilitate costly ransomware attacks, and result in operational, financial, and reputational losses.

This session will highlight the benefits of an intelligence-based security program to reduce executive exposure - and therefore risk - in a world of rapidly evolving threats. We’ll also examine the process of building or maturing an Intelligence program that empowers an agency to move from a reactive to a proactive security posture and stay ahead of the enemy.