Cloud Safe Task Force Summit
December 4, 2023, 7:30 AM - 3 PM ET | MITRE Building 4, 7596 Colshire Dr., McLean, VA
Event Overview:
Recent alarming cyber breaches on government IT infrastructure perpetrated by state actors, have significantly escalated concerns regarding Cloud Ecosystem security. These breaches have exposed critical cyber resilience deficiencies, especially in certification processes and dealing with known vulnerabilities. This event serves as a crucial platform for both US Government leadership and Cloud Service Providers (CSPs) to join in developing a unified response for Government.
In response to rising needs, a collaborative initiative of independent experts served as the catalyst for this event. With the goal of aligning efforts and forging a resilient path forward, this initiative ensures that the nation’s critical digital infrastructure remains secure in the face of relentless cyber threats.
Agenda:
7:30 AM
Registration/Breakfast
8:30 AM
Introduction
Cedric Sims
Senior Vice President of Enterprise Innovation and Integration, MITRE
David Powner
Executive Director, Center for Data-Driven Policy, MITRE
8:35 AM
Fireside Chat
Paul Beckman
Vice President & CISO at ManTech/Former Chief Information Security Officer, DHS
Jack Wilmer
CEO, Core4ce/Former CISO & Deputy CIO, Cybersecurity, DoD
John Zangardi
CEO, Redhorse/Former Chief Information Officer, DHS
Tom Suder
Founder & CEO, Advanced Technology Academic Research Center (ATARC)
9:00 AM
Securing the Government: Solutions from Cloud Service Providers
In this enlightening panel discussion, industry partners take the stage to discuss their role in addressing contemporary cloud security concerns within the public sector. Focusing on the challenges faced today, these industry leaders delineate their strategies to aid government entities in building robust policies for the future. The dialogue emphasizes collaborative efforts, aiming to bolster public sector cybersecurity policies through innovative solutions and expertise. The discussion delves into improved governance, oversight, and cutting-edge technologies that industry partners offer to enhance cybersecurity standards and practices. By aligning their capabilities with governmental needs, these industry partners are instrumental in fortifying the digital resilience of public sector institutions. Join us as they share insights and initiatives, paving the way for enhanced cybersecurity measures and sustainable digital transformation in the public sphere.
John Bergin
Director of Federal, Digital Security & Risk, Microsoft
Anil Karmel
Co-Founder, RegScale/ President, DC Chapter, Cloud Security Alliance
Vikram Khare
Director, Continuous Assurance Engineering, Google
Uma Rajagopal
Security Governance Amazon/Operations Chair, DC Chapter, Cloud Security Alliance
Sean Sweeney
Head of Field CISO and Security Advisor Team, Oracle
Deanna Stanley
Principal Software Engineer & Group Leader, MITRE
John Yeoh
Global Vice President of Research, Cloud Security Alliance
9:00 AM
Federal Leaders and the Road to Cloud Safe Collaboration
In this panel discussion, prominent government IT leaders gather to address contemporary concerns in cloud security within the public sector. Delving into the challenges faced today, they explore how these challenges can serve as a foundation for future policy development. The discussion revolves around enhancing public sector cybersecurity policies, emphasizing improved governance, and oversight. By leveraging current security concerns as learning opportunities, the panel aims to pioneer advanced standards and practices. Through collaborative efforts, these government IT leaders aim to chart a path toward a more resilient and secure digital landscape, ensuring the safety of governmental data and fostering innovation in cybersecurity practices. Join us as these experts share insights, strategies, and visions for a more secure digital future for the public sector.
Gerald Caron
CIO, International Trade Administration, DOC/ Government Chair, ATARC Zero Trust Working Group
Dr. Chase Cunningham
Program Manager, IT-AAC ZTA Proving Grounds
John Weiler
Chief Executive Officer, IT-AAC
Kara Burgan
Lead Agile Software Engineer & Group Leader, MITRE
11:15 AM
Break
11:30 AM
Cloud Service Providers Takeaways
Join John Yeoh as he provides a concise overview of the Cloud Safe Task Force’s findings, viewed through the lens of Cloud Service Providers. The task force’s thorough exploration focused on several critical aspects, including identifying recent breaches in critical infrastructure and addressing the underlying cyber resilience deficiencies tied to certification processes and known vulnerabilities. Additionally, the discussion delved into challenges related to authorization and certification, particularly regarding cost, evolution, and impediments faced by small and medium-sized businesses. The team also explored strategies to enhance visibility, disclosure, and resolution of supply chain vulnerabilities. Furthermore, the analysis underscored the gaps in cloud consumer security practices, emphasizing the need for robust mitigation instructions and a clear delineation of responsibilities between Cloud Service Providers and the US Government.
John Yeoh
Global Vice President of Research, CSA
Government Takeaways
Join John Weiler for an overview of findings unearthed by the Cloud Safe Task Force from a Government perspective. Their diligent efforts focused on key areas including identifying recent breaches in critical infrastructure, highlighting vulnerabilities in existing certification processes, addressing challenges related to authorization and certification, especially concerning small and medium-sized businesses, enhancing visibility, disclosure, and resolution of supply chain vulnerabilities, and evaluating the insufficiency of current cloud consumer security practices in dealing with known and emergent threat profiles. This briegn underscores the necessity of a unified “Whole of Government” approach, emphasizing the alignment of federal cyber resilience policies with the evolving threat landscape.
John Weiler
Chief Executive Officer, IT-AAC
12:00 PM
Lunch
1:15 PM
Afternoon Address
1:30 PM
Path Forward Discussion with Government and Industry
In this insightful panel discussion, distinguished leaders from both the industry and government sectors come together to share their invaluable insights gained from a comprehensive event and the preceding research initiatives. Drawing upon the wealth of knowledge amassed, these experts delve into their findings and discoveries, offering a nuanced understanding of the challenges and opportunities identified. Furthermore, the panelists outline their collective vision on how to leverage this newfound knowledge effectively. By exploring practical implementations and future-oriented approaches, the panel aims to chart a strategic course forward.
Kevin Greene
Public Sector Chief Technology Officer, OpenText
Dr. Amy Hamilton
Visiting Faculty Chair, National Defense University/Senior Cyber Advisor, DOE
Bryan Rosensteel
US Federal CTO, Ping Identity
David Powner
Executive Director, Center for Data-Driven Policy, MITRE
Tom Suder
Founder & CEO, Advanced Technology Academic Research Center (ATARC)
John Yeoh
Global Vice President of Research, Cloud Security Alliance
John Weiler
Chief Executive Officer, IT-AAC
3:00 PM
Closing Remarks
Cloud Safe Task Force Technical Advisory Corps
Dr. Mari Spina
Senior Principle Cyber Security Engineer, MITRE
Katy Warren
Senior Principal and Department Manager, MITRE
