
Atarc Federal DEVops breakfast summit
November 30, 2022, 7:30 AM - 12:00 PM ET | Marriott Metro Center, Washington DC4.0 CPE Credits Available for this Event***
7:30 AM
Registration | Breakfast
8:30 AM
DevOps & Its Increasing Importance
With many older systems in place, the government is one sector that could use DevOps the most. However, like many industries, there are often challenges adopting new ways of doing things. That being said, this panel will focus on roadblocks towards DevOp adoption and addressing how to overcome them. A few questions to ask are what are the challenges to Devops adoption; What are steps that help make DevOps a reality? Join us for this discussion as topic experts will discuss IT and cybersecurity as it relates to DevOps adoption on the government level.

Ravyn Manuel
Senior Application Developer and DevOps Engineer, Office of Digital Strategy & Engagement, National Museum of African American History and Culture, Smithsonian Institute

Heather Kowalski
Chief Information Security Officer , Office of the Chief Information Officer, U.S. National Central Bureau of Interpol, U.S Department of Justice

Patrick Gonet
Portfolio Software Design Lead, Kessel Run's Operation Command and Control Branch, U.S. Department of the Air Force

Moderator: Derek Johnson
Senior Reporter, SC Media
9:15 AM
Emerging Technology Talk
A Systems Approach to Software Supply Chain Security and Continuous ATO
Authorizing Officials (AOs) face a dilemma in system assessment and authorization, aka the process to produce an Authority to Operate (ATO). They not only need to confidently assess the posture of the thing being ATO’d but also have the continuous insights to trust that it is production-worthy at all times. This dance is getting ever-more complex as smaller scale development and DevSecOps performance flourish. The interplay between speed and trust presents a wonderful opportunity for improvement among federal agencies and the contractors that support them.
Our goal is to take the guesswork out of it for the AO and the team (developers, testers, release engineers, operations staff, etc.) trudging toward the nirvana of “continuous ATO” (cATO). This presentation discusses enterprise compliance strategies and the path to cATO. These include CI and CDRO capabilities to ensure governance of DevSecOps reference designs and other processes in the end-to-end SDLC (e.g., software supply chain trust, Data Ops, etc.); real-time compliance assurance based on real-time visibility into a system’s landscape (i.e., source, binaries, infrastructure, data, and users) to determine risk posture so that the AO and team can make data driven decisions with utmost confidence.

Tyler Johnson
Senior Solutions Architect, CloudBees

9:45 AM
Federal Agencies & Data Preparedness
As cloud computing advancement makes data more accessible than ever, Federal agencies are driving improvements in services, efficiency of operations, and effectiveness of government programs. The question remains, are agencies ready to support a workforce fully armed with data, or could they experience too much of a good thing? Are there obstacles that are preventing agencies from making better use of their data? Are we ready to move from Data- Ready to DevOps?
Join us for this discussion as topic experts will discuss the importance of data-ops in an increasingly data driven world.

Stephanie Taylor
Cloud Strategist and Data Center Services Manager, Federal Aviation Administration

Donald Bauer
Chief Technology Officer, Executive Office, Global Talent Management, U.S. Department of State

Brian Joseph
Deputy Director for Data Analytics, Acquisition Data and Analytics, Office of Acquisition Enablers, U.S. Department of Defense

Jason Miller
Executive Editor, Federal News Network
10:30 AM
Emerging Technology Talk
Are You Confident in Your Software? The State of the Software Supply Chain
What lurks in your software? Recent research from Sonatype 8th Annual State of the Software Supply Chain Report has highlighted the uneven attention that various vulnerabilities receive. More widely reported vulnerabilities like log4j see high remediation rates (while still falling well short of 100% remediation), while other vulnerabilities often plateau at less than 50% remediation rates. Dr. Stephen Magill, VP of Product Innovation will discuss how software bills of materials (SBOMs), recently suggested for inclusion in federal purchasing guidelines, can help provide transparency into which applications are harboring outdated or unsafe components.
Join this discussion to learn more:
The 2022 State of the software supply chain findings
The vitality of software bills of materials
The steps to take to protect federal software supply chains

Dr. Stephen Magill
Vice President of Product Innovation, Sonatype

11:00 AM
The Future of DevOps
DevOps has become the default approach for most software-intensive organizations and is having an increasing effect on enterprise IT operating models. Unlike many flash-in-the-pan, hype-driven trends in IT, DevOps has made a real and sustained impact. It continues to transform how organizations of all sizes write, deploy, and operate software and produce digital value.
Before DevOps, software developers simply handed off their work to IT and moved on to the next project. IT was then left to figure out how to best run and maintain the software they were given. This worked fine when applications were more or less static, changing little year to year. With the rise of digitalization, developers and IT staffers have struggled to meet increasingly demanding customer expectations for new features and functionalities.
Join us for this discussion as we discuss the rapid rate of devops adoption, the positive impact they’ve had in ensuring cybersecurity, and how Devops will continue to grow and aid in our push towards automation.

Leigh Zheng
Security Engineer Division Director, Office of the Chief Information Security Officer, GSA Information Technology, U.S. General Services Administration

Shane Barney
Chief Information Security Officer, Office of Information Technology, U.S. Citizenship and Immigration Services, U.S. Department of Homeland Security

Audrey Story
Deputy Chief Information Officer (Acting), Office of the Chief Information Officer, Administration for Children and Families, U.S. Department of Health and Human Services

Mickey McCarter
Managing editor, StateTech
Register
MeriTalk is a public-private partnership that leverages an award-winning editorial team and world-class events staff to produce unmatched news, analysis, and insight that improves the outcomes of government information technology.

Zoom for Government enables ATARC remote collaboration opportunities through its cloud platform for video and audio conferencing, chats and webinars across all devices. Allowing for individuals from all areas of government, industry and academia to communicate directly.

*** ATARC is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org