Things are coming to a head within the federal supply chain (and, frankly, every other supply chain) as cyber-attacks become increasingly more common and sophisticated. Join SteelCloud’s COO, Brian Hajost, and TD Synnex Public Sector's Chief Cyber Security Technologist, Don Maclean, as they discuss how to strategize your cyber response: Explore EO 10428, which calls for bold changes to cybersecurity Learn about SBOMs (software bill of m...

The OMB 21-31 requirement directs federal agencies to adopt a set of standards concerning event log management by August 27th, 2023. Specifically, event logging tier 3 requires federal agencies to invest in automation and user behavior monitoring — two critical components in any zero trust architecture. Legacy systems weren’t built for today’s perimeter-less environment, which is why having a solution that is cloud-native wil...

Join Blackboard on September 21, at 11:00am, EST for an engaging conversation where David Casaceli, Railroad Safety Specialist-Technical Training at the Federal Railroad Administration discusses how the FRA approaches training and utilizes Blackboard Learn to deliver education and training.

Public sector agencies are transforming how to execute mission operations and provide services to citizens. Through guidance from recent laws and executive orders including the Technology Modernization Fund, the Evidence Act, memorandum M-19-21, as well as the 2021 Executive Order to improve Customer Experience (CXO), agency leaders are driving innovation and leveraging data to transform how their organizations are able to govern and serve the...

First defined over two decades ago, zero trust has substantially picked up steam in recent years. President Biden’s Executive Order on Improving the Nation’s Cybersecurity has taken it a step further by codifying zero trust as the Federal Government’s security architecture of choice. Nearly every agency desires to achieve zero trust, but the gap between their existing environments and the ideals they read about leave most st...

Join CrowdStrike for a deep dive into the nation-state threat landscape of Iran. Jason Rivera, Global Director - Strategic Threat Advisory Group at CrowdStrike, will give a brief on the broader geopolitical context for the latest Iranian cyber activities, an overview of the primary threat actors responsible for Iranian offensive cyber operations, and these actors’ TTPs (tactics, techniques, and procedures). He will also share mitigation...

Join CrowdStrike for a Join CrowdStrike for a deep dive into the nation-state threat landscape of China. Joshua Shapiro, CrowdStrike’s public sector threat intel SME, will give a brief on the broader geopolitical context for the latest Chinese cyber activities, an overview of the primary threat actors responsible for Chinese offensive cyber operations, and these actors’ TTPs (tactics, techniques, and procedures). He will also share...

Today, agencies are striving to improve their application security programs, while at the same time, not slowing down the development, delivery, and deployment of their software applications. Can a balance be achieved between security and an organization’s (or agency’s) daily business requirements? We know it’s possible. Application Security (AppSec) Awareness Programs that are specifically focused on the development communit...

The recent shift towards DevOps makes it clear that Federal agencies are moving forward with adopting this operational model to facilitate the practice of automating development, delivery, and deployment of mission-critical software. While the traditional idea of a software release dissolves into a continuous cycle of service and delivery improvements, agencies find that their conventional approaches to software security are having a difficult...

One of the biggest threats to maintaining Continuity of Operations is a DDoS attack. Tom will discuss: (1) the evolution of modern DDoS attacks; (2) technical vulnerabilities of on-premise devices such as VPN gateways, firewalls and application servers to DDoS attacks; and (3) demonstrate the technical features of Arbor Edge Defense that enable it to be the first and last line of an automated perimeter defense