With aging IT infrastructure, outdated job classification system and a greying government workforce, agency executive and human capital officers face a trifecta of challenges in the years ahead. Soaring demand for cybersecurity experts and data scientists are just two examples of the newer professional specialists that the government is struggling to hire. With the rise of vaccinated workers, questions have arisen about the reopening of federa...

The Defense Information Systems Agency is, in many ways, the point of the cyber spear for the Department of Defense. It’s responsible for conducting network operations across all of DOD’s warfighting domains to ensure warfighters’ effectiveness and lethality.Maintaining that sharp edge during the pandemic has required DISA to adjust and evolve its own operations while assisting Defense agencies to ensure their operations cont...

As part of its risk mitigation strategy, the Cybersecurity Executive Order issued by the White House in May moves Zero Trust architecture to the center of cyber hygiene policy for the federal government. Zero Trust can be summarized easily: Trust nothing, suspect everything, authenticate 100%. The Executive Order includes directives to CISA and GSA to develop a cloud security strategy and provide guidance to agencies for implementation.Address...

"How to prevent and detect corporate fraud!!" Under COSO 2013, Principle 8: "The organization considers the potential for fraud in assessing risks to the achievement of objectives". Corporate fraud is more prevalent today than ever before. Layoffs, pressures, incentives, anonymity, computerization, and lack of privacy are all contributing factors. This CPE event is focused on presenting the internal controls to fraud prevention and detection....

As part of its risk mitigation strategy, the Cybersecurity Executive Order issued by the White House in May moves Zero Trust architecture to the center of cyber hygiene policy for the federal government. Zero Trust can be summarized easily: Trust nothing, suspect everything, authenticate 100%. The Cybersecurity and Infrastructure Security Agency views this as setting an example for state and local governments looking to strengthen their securi...

The Continuous Diagnostic and Mitigation (CDM) program has matured and broadened its offerings and full deployment of agency dashboards is on the horizon. In the last year, however, ominous high profile breaches in commercial and critical infrastructure networks have highlighted the continued importance of strong cybersecurity across federal networks. In the wake of the pandemic, federal IT managers are faced with an increasingly complex cyber...

Governments everywhere and at all levels should be applauded for finding ways to meet their citizens’ needs during the pandemic. While many agencies had continuity-of-operations plans in place, no one imagined that every agency would have to act on them at the same time. What made it possible, of course, was the rapid spread of cloud-based technology that enabled government employees to work from their own homes, frequently using their o...

Put Forescout eyeInspect (formerly SilentDefense™) through its paces during this hands-on, live event. Your instructor will help you get up to speed as you learn first-hand how eyeInspect helps you dramatically increase cyber resilience and protect your organization from whatever bad actors come your way. During this 90-minute session, you’ll perform a detailed forensic analysis of ongoing security events and discover how to automa...

Join us for the Forescout Virtual Test Drive, a hands-on tour of the Forescout platform that lets you demo the latest updates — including Forescout eyeSegment capabilities. In just 90 minutes on a Tuesday of your choice, you’ll experience: Agentless device visibility: Quickly see, classify and assess the security posture of your entire Enterprise of Things — no agents required. Real-time asset management: Build an accurate re...

Time and time again, data breaches demonstrate the pitfalls of relying on detection to identify malicious activities taking place on the network, rather than prevention of the threat in the first place. The emphasis—post event—has been what the agency did wrong. But, what if we took a different approach that allowed agencies to share what has been working for them? Both before and after. Some tips and lessons from folks who have be...