Loading Events

ATARC 2022 Zero Trust Summit

August 9, 2022, 7:30 AM - 3:00 PM ET | Marriott Marquis, Washington DC

6.0 CPE Credits Available for this Event***

Register Partnership Opportunities
}

7:30 AM

Registration   |    Breakfast

}

8:30 AM

Welcome and Opening Remarks

Gerald Caron

Gerald Caron

Assistant Inspector General/Chief Information Officer, Office of Management and Policy, Office of Inspector General, United States Department of Health and Human Services and ATARC Zero Trust Summit Chair

Tom Suder

Tom Suder

Founder / CEO, ATARC

}

8:30 AM

Visionary Keynote Briefing

John Kindervag

John Kindervag

Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow at ON2IT Cybersecurity, Zero Trust Executive Steering Committee, Cloud Security Alliance

}

9:00 AM

Visionary Panel: Using Emerging Technologies to Strengthen Zero Trust Security

Emerging Technologies are evolving at a faster pace than ever before, especially as agencies aim to implement Zero Trust Security. Throughout the adoption and integration of Zero Trust principles into any cybersecurity strategy comes with many challenges and questions. Agencies must turn to emerging technologies to help with the adoption and integration process of Zero Trust.

Tune into this panel to hear from topic experts on the importance of emerging technologies while agencies are in the process of adopting and implementing Zero Trust Principles. In what ways do emerging technologies help this process? What best practices do these topic experts recommend when agencies are using emerging technologies to adopt and implement Zero Trust principles.

Tom Harrell

Tom Harrell

Trusted Advisor and Sr IT Policy Analyst, Consultant to NIH/NCATS CIO, Office of Administrative Management, Program Management, Policy Analysis, and Governance

Joseph Ronzio

Joseph Ronzio

Deputy Chief Technology Officer, Office of Health Information, Veterans Health Administration, United States Department of Veterans Affairs

Loren Smith

Loren Smith

Director, Solutions Development Branch of the Office of Enterprise Technology Solutions, Information Technology Category, Federal Acquisition Service, General Services Administration

Chris Riotta

Chris Riotta

Reporter, Government Executive Media Group

}

9:45 AM

Emerging Technology Technology Talk

Zero Trust Strategy for Zero Compromise

Government guidance on Zero Trust Security Architecture is gaining momentum, but changes in how we work (remote teleworking) and evolving cyber threats HEATing up will continue to impact Zero Trust guidance.  Today’s threat landscape means that private and public sector organizations can no longer rely on their users or on detection-based security tools to protect their users, critical data, and systems from attacks.

Security teams need greater visibility and control to enable a Zero Trust approach to protect against web & email-borne threats. To capitalize on the growing threat landscape, threat actors are targeting web browsers with Highly Evasive Adaptive Threats (HEAT).  These HEAT attacks bypass traditional security defenses and leverage the standard capabilities of modern web browsers to deliver things like ransomware, compromised credentials and various malware.  Rather than trying to identify threats as malware after they’ve breached the perimeter, web isolation works by routing all web traffic through a cloud based remote browser before delivering only safe content to the endpoint. It doesn’t matter if the web content is good or bad, categorized or uncategorized—Web Isolation Platforms should adopt Zero Trust principles by assuming that all content is malicious and treating it accordingly.  This guarantees that no web-borne threat ever reaches the end user, enabling them to navigate the web more freely, securely, and seamlessly.

Mike Rider

Mike Rider

Senior Federal Systems Engineer, Menlo Security

}

9:52 AM

Emerging Technology Technology Talk

Jason Addis

Jason Addis

Public Sector Client Director, Venafi

}

10:00 AM

Visionary Panel: Government Guidance on Zero Trust

To help Federal agencies convert their networks, systems and devices to a Zero Trust Security architecture, the White House has issued three new draft guidance documents. The documents, including the Federal Zero Trust Strategy from the Office of Management and Budget, and the Zero Trust Maturity Model and Cloud Security Technical Reference Architecture from the Cybersecurity and Infrastructure Security Agency, are meant to provide agencies with a roadmap and resources required to sustain a multiyear push towards Zero Trust.

Listen in as topic experts dive into the Guidance, as well as the importance behind them. How will these guidance documents affect Zero Trust Security? Do these roadmaps present any challenges? How can agencies best leverage the guidance documents for successful security architecture implementation? 

Karim Said

Karim Said

Chief Information Security Officer, Office of Headquarters Services, Office of Strategic Infrastructure, National Aeronautics and Space Administration

Stephen Haselhorst

Stephen Haselhorst

Zero Trust Program Manager/Lead, Office of the Chief Information Officer and Chief Privacy Officer, Federal Deposit Insurance Corporation

Conrad Bovell

Conrad Bovell

Director, Division of Information System Security, Centers for Medicare and Medicaid Services, United States Department of Health and Human Services

Shawn Wells

Shawn Wells

Managing Director for Cybersecurity Strategy and Technology at Accenture Federal Services

Moderator: Tom Suder

Moderator: Tom Suder

Founder/CEO, ATARC

}

11:00 AM

Visionary Panel: The Future of Zero Trust in the Federal Government

As the workforce has had to transition to teleworking, the importance of Zero Trust Security has skyrocketed. Zero Trust has become an enabler of the remote workforce and beyond. Zero Trust is better equipped to perform, and therefore better suited for aiding organizations maintaining a hybrid working model. This panel will focus on Zero Trust and how we need to be thinking differently about security, risk, and governance.

Listen in as topic experts explore the current status of Zero Trust, ways to strengthen Zero Trust, as well as what is in store for Zero Trust in the future. Where do these topic experts think Zero Trust can improve on? What best strategies will help improve on these issues?

Togai Andrews

Togai Andrews

Chief Information Security Officer, Chief Information Officer Directorate, Bureau of Engraving and Printing, United States Department of the Treasury

Donald L. Coulter

Donald L. Coulter

Senior Science Advisor, Cybersecurity, Office of the Under Secretary, Science and Technology Directorate, United States Department of Homeland Security

Alyssa Feola

Alyssa Feola

Cybersecurity Advisor, Technology Transformation Services, Federal Acquisition Service, United States General Services Administration

Angel Phaneuf

Angel Phaneuf

Chief Information Security Officer, U.S. Army Software Factory, U.S. Army Futures Command, United States Department of the Army

Fatoma Kallon

Fatoma Kallon

Cyber Security Evangelist, Public Sector, Akamai

Moderator: Jason Miller

Moderator: Jason Miller

Executive Editor, Federal News Network

}

11:45 AM

Lunch   |   Emerging Technology Showcase

}

12:45 PM

Fireside Chat

Sean Connelly

Sean Connelly

TIC Program Manager and Senior Cybersecurity Architect, Cybersecurity Division, Cybersecurity and Infrastructure Security Agency, United States Department of Homeland Security

}

1 PM

Emerging Technology Technology Talk

How reliable is the 4th pillar in your Zero Trust strategy?

CISA’s Zero Trust Maturity Model and OMB Memo M-22-09 prescribes addressing the 5 pillars of Zero Trust: Identity, Device, Network/Environment, Application Workload and Data.  Yet many federal agencies don’t meet the ‘Advanced’ and ‘Optimal’ maturity stages as outlined in the model. During this Tech Talk, you’ll learn how what a comprehensive approach to addressing application workload entails, and why Application Security is essential to addressing the mandates outlined in the Cybersecurity Executive Order and OMB Memo M-22-09.

Neal Byrd

Neal Byrd

VP of Public Sector, Veracode

}

1:08 PM

Emerging Technology Technology Talk

Securing Federal Software Supply Chains is Critical to Zero Trust

To condense zero trust down to one simple statement: it means not assuming any part of your IT infrastructure is secure. In-depth protection from sophisticated attacks against your systems is the primary aim. Attacks that cannot be prevented will at least have their impact minimized. If you are not securing your Software Supply Chain in addition to your perimeter, then you can not realize a complete Zero Trust environment. As we have seen particularly over the past few years, even with best practices governing the security of the perimeter, if an open source library is opening a backdoor into your production environments, your efforts towards a Zero Trust environment have been thwarted.

Listen to this topic and learn how protecting your open source software supply chain fits within your Zero Trust maturity plans, as well as advances in protections that can help block known and suspicious open source code from entering your environment, adding to your perimeter defenses.

Mike Donovan

Mike Donovan

Technical Director, Federal, Sonatype

}

1:15 PM

Visionary Panel: Zero Trust and the Federal Identity-Centric Security Roadmap

In today’s digital world, identity is the new perimeter. To meet the access and usability demands of modern users, agencies are moving towards a more robust and comprehensive security posture that’s centered around the Zero Trust principle of “never trust, always verify.” This requires agencies to ensure the RIGHT people have access to the RIGHT data, at the RIGHT time, only when needed or contextual parameters are met. 

Tune into this panel to hear from topic experts as they explore how the Federal Identity-Centric Security Roadmap fits in with the advancement of Zero Trust Security. What does the concept of never trust, always verify mean? What are some best practices for verifying users in your network? What challenges have these topic experts experienced as they incorporate Zero Trust within their Federal Identity-Centric Security Roadmap? What solutions have these topic experts come up with? 

Raghav Vajjhala

Raghav Vajjhala

Chief Information Officer and Chief Data Officer, Office of the Chief Information Officer, Office of the Executive Director, Federal Trade Commission

Shane Barney

Shane Barney

Chief Information Security Officer, Office of Information Technology, United States Citizenship and Immigration Services, United States Department of Homeland Security

Gurinder Bhatti

Gurinder Bhatti

Principal Global Security Strategist, Okta.

Moderator: Jason Miller

Moderator: Jason Miller

Executive Editor, Federal News Network

}

2 PM

Emerging Technology Technology Talk

Zero Trust Segmentation – How can we stop the insanity?

Doing the same thing over and over again and expecting a different result is the definition of insanity.  Yet, agencies continue to attempt zero trust segmentation via traditional network segmentation methodologies.  Network segmentation is overly complex and simply can’t keep pace with the rapidly changing landscape which represents today’s world.  In the face of SecDevOps, cloud, and containers, it is time for a new approach.  Label based macro and micro segmentation is a new approach to an age-old problem.  Let’s talk about how label-based segmentation can help agencies rapidly achieve the goals of Zero Trust Segmentation.

Gary Barlet

Gary Barlet

Federal Field CTO, Illumio

}

2:07 PM

Emerging Technology Technology Talk

Meeting Critical Requirements from the Federal Zero Trust Architecture Strategy

On January 26, the White House issued the federal Zero Trust architecture strategy (M-22-09), a continuation of the May 2021 Executive Order on Improving the Nation’s Cybersecurity. The federal Zero Trust architecture strategy details a series of specific actions all U.S. federal agencies must take to advance toward adopting a Zero Trust approach, with aggressive implementation deadlines over the next two-and-a-half years. Though the strategy’s directives are aimed at the U.S. Government, non-federal government entities may find the strategy as helpful guidance to begin or advance their own Zero Trust journeys. Learn how your organization can align with the latest federal requirements through a comprehensive set of Zero Trust capabilities and expertise.

Wayne LeRiche

Wayne LeRiche

Solution Architect, Palo Alto Networks Federal

}

2:15 PM

Panel: ATARC Zero Trust Lab Experience

Through a unique collaboration between government and industry, since October of 2021 the ATARC Zero Trust Lab has operated as a showcase of technical architectures and hardware and software solutions to address the Zero Trust use cases as defined by CISA. This hardware and software evaluation environment aimed to create a unique space for Federal agencies to better assess software products. This automated, flexible demonstration platform aimed to enhance the ability to evaluate true cost of ownership by providing transparency into the products deployment process and multi-cloud capabilities.

Hear from the Lab participants and Federal agencies representatives about their experience in presenting or viewing available Zero Trust architecture solutions.

Gerald Caron

Gerald Caron

Assistant Inspector General/Chief Information Officer, Office of Management and Policy, Office of Inspector General, United States Department of Health and Human Services and ATARC Zero Trust Summit Chair

Amy Hamilton

Amy Hamilton

Senior Cybersecurity Advisor Policy and Programs, Office of Cybersecurity and CISO, Office of the Chief Information Officer, United States Department of Energy

William Lemons

William Lemons

Architect, Federal Systems Engineering Fortinet Federal, Inc.

David Abramowitz

David Abramowitz

Regional Technical Lead, Trend Micro

Moderator: Tom Suder

Moderator: Tom Suder

Founder/CEO, ATARC

}

3:00 PM

Reception

 

In-person Registration: 

Virtual Registration 

By submitting this form you acknowledge receipt of and consent to ATARC’s Privacy Policy For further information, please review our complete Privacy Policy.

Zoom for Government enables ATARC remote collaboration opportunities through its cloud platform for video and audio conferencing, chats and webinars across all devices. Allowing for individuals from all areas of government, industry and academia to communicate directly. 

*** ATARC is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org. Program Level: Overview, no prerequisites required. Advance preparation: none. Delivery Method: Group Live. Field of Study: Information Technology. Registration #140762. In accordance with the standards of the National Registry of CPE Sponsors, CPE credits have been granted based on a 50-minute hour. Refund, cancellation and complaint resolution policy.