Agenda
Times are subject to change.
Keynote
Redefining Governance: AI Integration in the Public Sector
A new era in AI for government agencies has emerged, ushering in a shift from basic operational support to full integration within organizational frameworks. Despite the undeniable value AI brings, many grapple with its inherent risks. In response, the Biden administration has issued Executive Order 14110 on Safe, Secure, and Trustworthy AI, establishing groundbreaking standards for U.S. government agencies. Forward-thinking leaders are now dedicated to evaluating enterprise-ready platforms, implementing comprehensive toolsets, and tailoring strategies to their unique organizational needs. This includes a keen focus on governance frameworks that emphasize ethics and transparency. As these leaders advance toward an AI-powered future, crucial questions emerge: How can they effectively navigate the complexities of AI deployment while upholding the highest standards of transparency and accountability?
In this conversation, esteemed public sector leaders will discuss an analysis of the recent executive order, offering insights into their current progress and successes. Through the exploration of compelling use cases, they will illustrate the benefits of a well-structured, efficient, and meticulously governed approach to AI deployment across diverse operational landscapes.
Monica Montgomery
Deputy CISO for Management and Strategy & Deputy Director, Cybersecurity Office, National Geospatial Intelligence Agency (NGA)
Emily Wolfteich
Senior Industry Analyst, GovExec
Main Stage
Welcome from Qualys CEO, Sumedh Thakar
Sumedh Thakar
Chief Executive Officer, Qualys
Panel
Strategies for Success: Federal Cloud Security in Action
Recognizing the pivotal role of cloud security in safeguarding our federal networks, as outlined in Executive Order 14028, 'Improving the Nation's Cybersecurity,' federal IT leaders are actively pursuing avenues to enhance the security posture of their cloud environments. Key organizations such as CISA and the GSA FedRAMP office serve as invaluable resources, offering essential guidance on crafting a robust federal cloud security strategy and establishing an effective cloud service governance framework. However, the challenge remains for leaders to ensure comprehensive integration of cybersecurity standards across all levels of an agency's operations. How can leaders ensure that cybersecurity remains a central consideration in every aspect of an agency's operations? Furthermore, how are these leaders utilizing the authority of the Executive Order to drive the adoption of enhanced standards, such as multi-factor authentication and encryption for data protection?
During this session, public sector cloud leaders will delve into real-world case studies highlighting successful integration of cloud security into their planning processes. They will share best practices aimed at cultivating a pervasive culture of cybersecurity awareness across all government departments and levels. The objective is not simply to meet but to surpass the standards outlined in the Executive Order, fortifying the resilience of our federal cloud ecosystem for the future.
Paul Blahusch
Chief Information Security Officer, Department of Labor
Keith Busby
Acting Chief Information Security Officer, Centers for Medicare & Medicaid Services (CMS)
Matthew Gonzalez
Security Operation Chief, NTIA, Department of Commerce
Nayeem Islam
VP, Product Management for Cloud Security, Qualys
George Jackson
VP, Events, GovExec
Keynote
Enhancing Cyber Readiness Across the DIB
At the forefront of an ever-evolving cyber threat landscape, the Defense Industrial Base (DIB) confronts persistent attempts by adversaries to breach critical systems and compromise sensitive data. To counter this mounting risk, the Department of Defense (DoD) has launched CMMC 2.0, an ambitious framework crafted to bolster the DIB against the rising tide of sophisticated cyber threats. This proactive initiative serves as a shield for the DIB's sensitive, unclassified information, ensuring frontline warfighters have secure data crucial for effective mission execution.
In this discussion, defense leaders will explore this dynamic cybersecurity ecosystem. They will unveil pathways toward a more secure and resilient defense industrial ecosystem, offering valuable insights into how their organizations are actively integrating CMMC into DIB operations. With a keen eye on navigating intersections with ongoing cyber fortification efforts, these leaders will also delve into synergies and collaborative strategies across various initiatives. Together, they aim to elevate the collective cybersecurity readiness of the sector, ensuring a steadfast defense against emerging threats.
Bailey Bickley
Chief DIB Defense, Cybersecurity Collaboration Center, National Security Agency
Emily Wolfteich
Senior Industry Analyst, GovExec
Exclusive Interview
Dispelling the Myths of Immeasurability: Effective Cybersecurity Risk Management amidst Massive Scale, Complexity & Loss
In this fireside chat, we will discuss the necessity of measuring risk when the stakes are high, as is the complexity. How do you consider what you stand to lose at government scale? For example, what is a Crown Jewel Asset in this context? How do you go about assessing, prioritizing, and de-risking those assets with the right priorities? How might you get started?
Eric Mill
Executive Director for Cloud Security, General Services Administration
Jonathan Trull
CISO & SVP, Security Solution Architecture, Qualys
Richard Seiersen
Chief Risk Technology Officer, Qualys
Panel
Zero Trust Evolution: Meeting Federal Cybersecurity Standards
Cybersecurity leaders across the public sector understand that implementing zero trust security mandates goes far beyond a mere checklist item. It necessitates a profound paradigm shift, where security becomes not just foundational but a guiding principle in strategic planning. The recent OMB memorandum 22-09 outlines a Federal zero trust architecture strategy, emphasizing the pressing need for agencies to meet stringent cybersecurity standards by Fiscal Year 2024. Central to this strategy are identity-driven security measures, such as multi-factor authentication, aimed at shielding personnel from sophisticated cyber threats. However, it is essential to recognize that this memorandum marks not the endpoint but a crucial step towards establishing a robust zero trust architecture.
In this enlightening session, zero trust leaders will explore the best practices designed to elevate cybersecurity within the public sector. They will explore the intricacies of zero trust implementation, showcasing how this approach has been instrumental in safeguarding their networks and data. Through their experiences, they will illuminate the strategic maneuvers undertaken to meet Zero Trust requirements, offering invaluable insights into their journey and outlining their trajectory leading into 2024.
Gerald Caron
Chief Information Officer, International Trade Administration
Amy S. Hamilton, PhD.
Visiting Faculty Chair, Department of Energy, National Defense University
Jonathan Trull
CISO & SVP, Security Solution Architecture, Qualys
Rick Friend
Senior Cybersecurity Solutions Architect, Merlin Cyber
George Jackson
VP, Events, GovExec
Panel
Open-Source Solutions: Transforming Federal Supply Chain Security
The Federal Government relies heavily on a myriad of products and services for critical functions. However, the global supply chain for these technologies faces relentless threats from nation-state and criminal actors, who seek to steal sensitive information and intellectual property and to disrupt the Government’s ability to provide secure services to the public. In response, OMB and NIST have provided guidance, such as memo 22-18 titled 'Enhancing the Security of the Software Supply Chain through Secure Software Development Practices,' outlining steps to ensure software producers adhere to secure development practices. While this guidance primarily targets federal agencies and their software providers, widespread industry adoption could potentially prevent catastrophic cyberattacks on the global supply chain.
Join us for an enlightening session where we discuss open-source solutions designed to enhance first-party risk management in alignment with the principles of memo 22-18. Public sector leaders will engage in discussions regarding the challenges and opportunities inherent in safeguarding global supply chains from cyberattacks, natural disasters, and geopolitical uncertainties. Furthermore, they will explore the potential of blockchain, IoT, and AI-driven solutions for enhanced transparency and real-time risk management.
Jon Boyens
Deputy Chief of the Computer Security Division, NIST
Shon Lyublanovits
C-SCRM Program Lead, Cybersecurity & Infrastructure Security Agency
Jeanette McMillian
Assistant Director of Supply Chain and Cyber Directorate, National Counterintelligence and Security Center (ODNI)
Alex Kreilein
Vice President, Product Security, Qualys
George Jackson
VP, Events, GovExec
Exclusive Interview
Optimizing Cyber Defenses: Exploring CDM's Strategic Vision
The federal government's Continuous Diagnostics and Mitigation (CDM) program stands as a cornerstone in fortifying cybersecurity defenses, successfully thwarting significant cyberattacks and bolstering the resilience of government systems. Mandated by CISA's Binding Operational Directive 23-01, federal civilian executive branch agencies are required to elevate network asset visibility and vulnerability detection. These agencies must conduct automated asset discovery every seven days and vulnerability scanning every 14 days, with results uploaded to the CDM Dashboard. With the Biden administration's fiscal 2024 budget request earmarking over $400 million for the CDM program, what new horizons await? How can the program be strategically utilized to further enhance cyber operations?
Join us for an insightful session where leaders from the CDM office will navigate the program's future trajectory, uncovering pathways for optimization. Explore with us as we delve into crucial questions surrounding scope expansion, innovative strategy implementation, and the indispensable need for adaptability in the ever-evolving landscape of cyber risks.
Mark Canter
Chief Information Security Officer, Government Accountability Office
Shailesh Athalye
Senior Vice President, Product Management, Qualys
Emily Wolfteich
Senior Industry Analyst, GovExec
Keynote
Closing Keynote with DOE's Paul Selby
During this presentation, Paul Selby, CISO of the Department of Energy (DOE), will explore key aspects of government cybersecurity. In line with the theme "Shaping Government's Resilience Through Risk Management," he will delve into critical risks facing agencies today. Discover how the DOE proactively safeguards its data against evolving cyber threats and addresses emerging issues in the public sector.
Paul Selby
Chief Information Security Officer, Department of Energy
Main Stage
Qualys Closing Remarks
Jonathan Trull
CISO & SVP, Security Solution Architecture, Qualys