A new era in AI for government agencies has emerged, ushering in a shift from basic operational support to full integration within organizational frameworks. Despite the undeniable value AI brings, many grapple with its inherent risks. In response, the Biden administration has issued Executive Order 14110 on Safe, Secure, and Trustworthy AI, establishing groundbreaking standards for U.S. government agencies. Forward-thinking leaders are now dedicated to evaluating enterprise-ready platforms, implementing comprehensive toolsets, and tailoring strategies to their unique organizational needs. This includes a keen focus on governance frameworks that emphasize ethics and transparency. As these leaders advance toward an AI-powered future, crucial questions emerge: How can they effectively navigate the complexities of AI deployment while upholding the highest standards of transparency and accountability?

In this conversation, esteemed public sector leaders will discuss an analysis of the recent executive order, offering insights into their current progress and successes. Through the exploration of compelling use cases, they will illustrate the benefits of a well-structured, efficient, and meticulously governed approach to AI deployment across diverse operational landscapes.

Monica Montgomery

Deputy CISO for Management and Strategy & Deputy Director, Cybersecurity Office
National Geospatial Intelligence Agency (NGA)

Emily Wolfteich

Senior Industry Analyst
GovExec

Recognizing the pivotal role of cloud security in safeguarding our federal networks, as outlined in Executive Order 14028, 'Improving the Nation's Cybersecurity,' federal IT leaders are actively pursuing avenues to enhance the security posture of their cloud environments. Key organizations such as CISA and the GSA FedRAMP office serve as invaluable resources, offering essential guidance on crafting a robust federal cloud security strategy and establishing an effective cloud service governance framework. However, the challenge remains for leaders to ensure comprehensive integration of cybersecurity standards across all levels of an agency's operations. How can leaders ensure that cybersecurity remains a central consideration in every aspect of an agency's operations? Furthermore, how are these leaders utilizing the authority of the Executive Order to drive the adoption of enhanced standards, such as multi factor authentication and encryption for data protection?

During this session, public sector cloud leaders will delve into real-world case studies highlighting successful integration of cloud security into their planning processes. They will share best practices aimed at cultivating a pervasive culture of cybersecurity awareness across all government departments and levels. The objective is not simply to meet but to surpass the standards outlined in the Executive Order, fortifying the resilience of our federal cloud ecosystem for the future.

Paul Blahusch

Chief Information Security Officer
Department of Labor

Keith Busby

Acting Chief Information Security Officer
Centers for Medicare & Medicaid Services (CMS)

Matthew Gonzalez

Security Operation Chief, NTIA
Department of Commerce

Nayeem Islam

VP, Product Management for Cloud Security
Qualys

George Jackson

VP, Events
GovExec

At the forefront of an ever-evolving cyber threat landscape, the Defense Industrial Base (DIB) confronts persistent attempts by adversaries to breach critical systems and compromise sensitive data. To counter this mounting risk, the Department of Defense (DoD) has launched CMMC 2.0, an ambitious framework crafted to bolster the DIB against the rising tide of sophisticated cyber threats. This proactive initiative serves as a shield for the DIB's sensitive, unclassified information, ensuring frontline warfighters have secure data crucial for effective mission execution.

In this discussion, defense leaders will explore this dynamic cybersecriity ecosystem. They will unveil pathways toward a more secure and resilient defense industrial ecosystem, offering valuable insights into how their organizations are actively integrating CMMC into DIB operations. With a keen eye on navigating intersections with ongoing cyber fortification efforts, these leaders will also delve into synergies and collaborative strategies across various initiatives. Together, they aim to elevate the collective cybersecurity readiness of the sector, ensuring a steadfast defense against emerging threats.

Bailey Bickley

Chief DIB Defense, Cybersecurity Collaboration Center
National Security Agency

Emily Wolfteich

Senior Industry Analyst
GovExec

In this fireside chat, we will discuss the necessity of measuring risk when the stakes are high as is the complexity. How do you consider what you stand to lose at Government Scale? For example, What is a Crown Jewel Asset in this context? How do you go about assessing, prioritizing & de-risking those assets with the right priorities? How might you get started?

Eric Mill

Executive Director for Cloud Security
General Services Administration

Jonathan Trull

CISO & SVP, Security Solution Architecture
Qualys

Richard Seiersen

Chief Risk Technology Officer
Qualys

Cybersecurity leaders across the public sector understand that implementing zero trust security mandates goes far beyond a mere checklist item. It necessitates a profound paradigm shift, where security becomes not just foundational but a guiding principle in strategic planning. The recent OMB memorandum 22-09 outlines a Federal zero trust architecture strategy, emphasizing the pressing need for agencies to meet stringent cybersecurity standards by Fiscal Year 2024. Central to this strategy are identity-driven security measures, such as multi-factor authentication, aimed at shielding personnel from sophisticated cyber threats. However, it is essential to recognize that this memorandum marks not the endpoint but a crucial step towards establishing a robust zero trust architecture.

In this enlightening session, zero trust leaders will explore the best practices designed to elevate cybersecurity within the public sector. They will explore the intricacies of zero trust implementation, showcasing how this approach has been instrumental in safeguarding their networks and data. Through their experiences, they will illuminate the strategic maneuvers undertaken to meet Zero Trust requirements, offering invaluable insights into their journey and outlining their trajectory leading into 2024.

Gerald Caron

Chief Information Officer
International Trade Administration

Amy S. Hamilton, PhD.

Visiting Faculty Chair, Department of Energy
National Defense University

Jonathan Trull

CISO & SVP, Security Solution Architecture
Qualys

Rick Friend

Senior Cybersecurity Solutions Architect
Merlin Cyber

George Jackson

VP, Events
GovExec

The Federal Government relies heavily on a myriad of products and services for critical functions. However, the global supply chain for these technologies faces relentless threats from nation-state and criminal actors, who seek to steal sensitive information, intellectual property, and disrupt the Government’s ability to provide secure services to the public. In response, OMB and NIST have provided guidance, such as memo 22-18 titled 'Enhancing the Security of the Software Supply Chain through Secure Software Development Practices,' outlining steps to ensure software producers adhere to secure development practices. While this guidance primarily targets federal agencies and their software providers, widespread industry adoption could potentially prevent catastrophic cyberattacks on the global supply chain.

Join us for an enlightening session where we discuss open-source solutions designed to enhance first-party risk management in alignment with the principles of memo 22-18. Public sector leaders will engage in discussions regarding the challenges and opportunities inherent in safeguarding global supply chains from cyberattacks, natural disasters, and geopolitical uncertainties. Furthermore, they will explore the potential of blockchain, IoT, and AI-driven solutions for enhanced transparency and real-time risk management.

Jon Boyens

Deputy Chief of the Computer Security Division
NIST

Shon Lyublanovits

C-SCRM PMO Lead
Cybersecurity & Infrastructure Security Agency

Jeanette McMillian

Assistant Director of Supply Chain and Cyber Directorate
National Counterintelligence and Security Center (ODNI)

Jonathan Trull

CISO & SVP, Security Solution Architecture
Qualys

George Jackson

VP, Events
GovExec

The federal government's Continuous Diagnostics and Mitigation (CDM) program stands as a cornerstone in fortifying cybersecurity defenses, successfully thwarting significant cyberattacks and bolstering the resilience of government systems. Mandated by CISA's Binding Operational Directive 23-01, federal civilian executive branch agencies are required to elevate network asset visibility and vulnerability detection. These agencies must conduct automated asset discovery every seven days and vulnerability scanning every 14 days, with results uploaded to the CDM Dashboard. With the Biden administration's fiscal 2024 budget request earmarking over $400 million for the CDM program, what new horizons await? How can the program be strategically utilized to further enhance cyber operations?

Join us for an insightful session where leaders from the CDM office will navigate the program's future trajectory, uncovering pathways for optimization. Explore with us as we delve into crucial questions surrounding scope expansion, innovative strategy implementation, and the indispensable need for adaptability in the ever-evolving landscape of cyber risks.

Richard Grabowski

Acting Program Manager, CDM
Cybersecurity & Infrastructure Security Agency

Shailesh Athalye

Senior Vice President, Product Management
Qualys

Emily Wolfteich

Senior Industry Analyst
GovExec

During this presentation, Paul Selby, CISO of the Department of Energy (DOE), will explore key aspects of government cybersecurity. In line with the theme "Shaping Government's Resilience Through Risk Management," he will delve into critical risks facing agencies today. Discover how the DOE proactively safeguards its data against evolving cyber threats and addresses emerging issues in the public sector.

Paul Selby

Chief Information Security Officer
Department of Energy