The Multicloud Working Group’s mission is to share broadened definitions, understanding and best practices around ‘Multicloud’ and ‘Multicloud Operating Model’ in today’s multicloud ecosystem. This enables public sector organizations to understand and contend with the Day 2 operational complexities of the multicloud operating model they will encounter as they adopt and scale application, data, user experienc...

Learn to combat the world’s latest cyber threats with up-to-the-minute training from real-world practitioners! Make new connections at one of the largest gatherings of professionals in the cyber community this year. Join us in Austin, TX, or Live Online for SANS Austin Fall 2023 (November 27 – December 2). SANS Austin Fall 2023 features: In-Person or Live Online training Tactical cyber security training taught by experts who...

At the height of the pandemic in 2020, the Federal Employee Viewpoint Survey found that almost half of federal employees worked remotely. By the end of 2022, the same survey found that 14% of employees were working remotely and another 25% were teleworking at least three days a week. The sudden exodus from government office buildings shone a bright light on the significant challenges it posed to security compliance operations – a challen...

Join more than 10,000 influential leaders from the cybersecurity community at CyberWeek, the nation’s largest week-long cybersecurity festival focused on digital threats, online privacy, security innovation and the U.S. government’s work on improving cyberspace. CyberWeek is an annual movement bringing together top C-Suite leaders, information security pros, security researchers, state and federal officials and other influential de...

Cybersecurity education and workforce development is a significant issue given large current national capability and skills gaps. In this webinar, we bring together key partners and major stakeholders from the public sector, private sector, and academia to discuss pathways of collaboration and partnerships moving forward to solving this important problem. Panel members will discuss their experience and “best practices” to reduce th...

Cybersecurity is akin to the 20th century Cold War. On the one hand, bad actors – whether nation-states or common criminals – are constantly searching for new vulnerabilities and creating new tools to attack them. On the other, all government agencies and private sector companies are trying to remain alert and find new ways to fend off those attacks. Among the innovative ways agencies are responding to the ever-evolving threat land...

Advances in telecommunications capabilities are a major driver in Department of Defense programs. From creating secure private networks that U.S. military forces and their partners can use in conflicts to integrating 5G capabilities to create “smart” warehouses to significant improvements in supply chain logistics, DoD has been committed to investing in rethinking the meaning and applications of communications. One of the next step...

Insider Risk Programs have continued to evolve naturally over the past 20 years. They have grown exponentially beyond the traditional lens of trying to identify spies through cyber-focused data exfiltration events. Today, Insider Risk Programs have expanded to include internal HR, legal, and compliance stakeholders within organizations and have expanded security beyond strictly physical and cyber domains to now include analysts, investigators,...

Communications security is one of the foremost priorities in any battlespace. This is one reason the Department of Defense is keen on building out 5G capabilities, because of its ability to create secure private networks anywhere it is deployed. But 5G’s capabilities extend beyond creating private networks on the fly. Its ability to handle massive amounts of data makes it a crucial component in real-time data collection from all sources,...

The central premise of Office of Management and Budget Memo 22-09 laying out the Federal Zero Trust Strategy is that no actor, system, network, or service operating outside or within the security perimeter is trusted. Controlling access is everything. This makes defining identity crucial – not just for people, but for every device of any kind that tries to access an agency system. The strongest form of identity management is attribute-ba...