Loading Events

ATARC 2021 CyberSecurity Virtual Summit

January 12, 2021 from 1:30-3:45 PM Eastern Time 2.5 CPE Credits Available for this Event***
RegistrationIndustry Partners
}

1:30 PM

Welcome Remarks 

Tom Suder

Tom Suder

CEO, ATARC

}

1:30 PM

Visionary Keynote

Kevin Cox

Kevin Cox

Program Manager, Continuous Diagnostics and Mitigation Program, United States Department of Homeland Security

}

1:45 PM

Emerging Technolgy Talks

Addressing cybersecurity challenges with Identity-centric Security

Integrating identity and security technologies to address a specific requirement is just one piece of the modern cybersecurity puzzle. Broader initiatives, like Zero Trust and Insider Threat, also require an identity-centric approach to ensure security and an optimal user experience. The identity-centric security approach provides real time, intelligence-based access to data and applications by integrating IAM infrastructure with enterprise cyber security technologies. As Identity has finally transitioned from operational and user experience driven, to being recognized as the core of security. Organizations often struggle to make sense of complex security technologies and hunger for new approaches to solve complex identity security challenges, improve overall security and extract value out of existing investments. This quick introduction provides the framework and practical guidance that helps organizations put identity at the center of their security strategy, optimizing cyber security investments, while controlling risk as IT infrastructures converge.

Frank Briguglio

Frank Briguglio

Global Public Sector Strategist, SailPoint

Integrity: The True Measure of Security

You know it’s important to pass audits and prevent breaches, but how can you go beyond just checking the security box to feeling confident that your systems are in a trustworthy and reliable state? In this tech talk, former Special Ops Marine and Tripwire’s VP of Federal & Enterprise Maurice Uenuma will outline why system integrity is important and how to upgrade you can upgrade your standard periodic monitoring practice to one with continuous monitoring for real-time change detection and automated reconciliation.

Maurice Uenuma

Maurice Uenuma

Vice President, Federal & Enterprise, Tripwire

Protecting NPEs In a Perimeter-less World

Complex government IT environments balancing on-premise, mobile, IoT, virtual and cloud components have found a host of new cybersecurity challenges as the perimeter has dissolved leaving all matters of identity at the core of our network defense strategies.

The events of 2020 have accelerated the adoption of even more cloud-based services, IoT devices and remote connections, forcing the exponential growth of Non-Person Entities (NPEs) to include, devices, code, API’s, RPA and more. 
Given this scale of machine adoption, government information security and operations teams are struggling with identity management for all of these NPE types, exposing them to adversaries who could exploit weak security practices to gain unauthorized access to mission critical systems.

In this talk, we’ll discuss identity management for these machines and recommendations for gaining

  1. Visibility into the machine identity estate
  2. Insight and intelligence into how they’re used and the risks they pose to the government
  3. How to automate machine identity lifecycles to secure, protect and manage NPEs at the speed & scale of modern enterprise architectures​.
Ben Boykin

Ben Boykin

VP Federal, Venafi

}

2:07 PM

Exploring Cyber Security in the Time of Covid-19

This year has proven the need to strengthenCyber Security capabilities, and a need to solve the Cyber Security challenges brought forth due to the pandemic. This panel will explore the current state of technology, use cases, and limitations of Cyber Security, in the Federal Government space. Listen in as subject matter experts share lessons learned and solutions to the challenges brought on to their agency’s as a result of COVID-19. What strategies have been put in place in order to strengthen Cybersecurity as the Federal Government is starting to embrace  a “new normal”?  Find out how these topic experts have pushed through the challenges brought forth through COVID-19.

Greg Singleton

Greg Singleton

Director, Health Sector Cybersecurity Coordination Center, U.S. Department of Health & Human Services

Roy Fernando

Roy Fernando

Security Architect, US Small Business Administration

Gary Dodd

Gary Dodd

Chief Information Security Officer Information Technology, Bonneville Power Administration, United States Department of Energy

John Fanguy

John Fanguy

Public Sector Chief Technology Officer, Micro Focus

Moderator:  Isaac Constans

Moderator: Isaac Constans

Staff Writer, GovLoop

}

2:55 PM

Emerging Technology Talk

Shift Security Left. No, More Left Than That

The “shift left” approach is not a new concept within software testing and DevOps best practices and it is commonly thought of when discussing DevSecOps. This usually includes security testing earlier in the software development lifecycle with the goal of identifying security vulnerabilities and weaknesses prior to shipping code to operations. However, “shift security left” is commonly interpreted to be “get developers to run security tools”. This approach is fraught with issues as it requires developers to context switch out of their workflow, learn and use new tools, understand the output of these new tools, and file bugs to be remediated (in yet another tool). The “shift left” approach requires a harder shift left, bringing security testing as close as possible to the developer while not expecting them to learn new tools. Furthermore, security results need to be contextual and provide actionable next steps so they can be resolved as quickly as possible. Finally, security scans need to finish in minutes, not in hours or days. A harder shift left empowers you and your organization as it applies repeatable, defensible processes that automate security and compliance policies from the first line of code written.

In this session, we will discuss:

  • Common pitfalls when implementing traditional “shift left” security
  • How to best apply different security scanning techniques available
  • Embedding security scanning into the developer workflow
  • Automating secure development best practices

 

David DeSanto

David DeSanto

Senior Director, Product Management - Sec, GitLab

}

3:10 PM

Strengthening The Future of Cyber Security Through Emerging Technology

Listen as CyberSecurity Experts explain the importance of CyberSecurity across the Federal Government. In this period of time of building the “new normal”, What emerging technology has led to strengthening Cybersecurity?  This panel will set out to explain the emerging technology that has been used to help strengthen federal Cyber security, along with the future of Cyber Security in the Federal Government. What does it mean to strengthen your agency’s Cybersecurity? Where do these Federal Leaders see the future of Cybersecurity going, and what emerging technology will help it get there? Here topic experts will discuss the best practices to implement to strengthen federal cybersecurity, some lessons learned, as well as some challenges from along the way. 

Vincent Sritapan

Vincent Sritapan

Cyber QSMO Section Chief, Cybersecurity and Infrastructure Security Agency

Greg Crabb

Greg Crabb

Chief Information Security Officer and Digital Solutions Vice President, US Postal Service

Marvin Woods

Marvin Woods

Electrical Engineer, Federal Aviation Administration

Frank Briguglio

Frank Briguglio

Global Public Sector Strategist, SailPoint

Moderator:  Billy Mitchell

Moderator: Billy Mitchell

Editor-in-Chief, Scoop News Group (FedScoop)

}

3:55 PM

Closing Remarks 

Register

Zoom enables ATARC remote collaboration opportunities through its cloud platform for video and audio conferencing, chats and webinars across all devices. Allowing for individuals from all areas of government, industry and academia to communicate directly.

*** ATARC is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org. Program Level: Beginner, no prerequisites required. Advance preparation: none. Delivery Method: Group Internet Based. Field of Study: Information Technology. Registration #140762. In accordance with the standards of the National Registry of CPE Sponsors, CPE credits have been granted based on a 50-minute hour. Refund, cancellation and complaint resolution policy