Zero Trust is a key component of every federal IT initiative and modernization effort. The Executive Order on Improving the Nation’s Cybersecurity, the CISA Zero Trust Maturity Model, the DISA Zero Trust Architecture, and various NIST guidance all include mission critical elements for Zero Trust implementation. Although the principals of Zero Trust are widely accepted, the implementation process is a detailed and time-consuming process....

The Executive Branch has made it clear the United States needs a more resilient and secure supply chain to ensure economic prosperity and national security. The supply chain is only truly secure when all entities throughout the public sector supply chain carry out effective and coordinated security measures to ensure the integrity of supply chain data, the safety of goods, and the security of the respective agency. This virtual workshop will r...

A recent report from the Center for Strategic and International Studies says the Department of Defense needs to strengthen its software design in order to maintain a competitive edge against foreign adversaries. Harnessing the power of data and analytics remains a critical part of achieving mission goals across all federal agencies. Government organizations need to constantly innovate and strengthen software design in order to stay ahead of th...

As the government moves increasingly towards digital infrastructure, geopolitical tensions rise, and individuals access more endpoints from more locations than ever before, a strong cyber posture must be embedded in everything agencies do. Policy guidance such as the cyber executive order, NIST’s updated security risk framework, and the Cyberspace Solarium’s recommendations offer strategic direction while tactical playbooks such as...

The Continuous Diagnostics and Mitigation (CDM) program is a way government agencies move toward fortifying their cybersecurity networks and systems. It was developed in 2012 to provide government agencies with risk-based cybersecurity solutions to protect federal civilian networks across organizational tiers. Specifically, CDM helps federal agencies identify cybersecurity risks, prioritize those risks, and enable staff to focus on those prior...

The Continuous Diagnostics and Mitigation (CDM) program is the way government agencies move toward fortifying their cybersecurity networks and systems. It was developed in 2012 to support government-wide risk-based cybersecurity solutions to assist participating agencies improve their security posture consistently and cost-effectively. In this virtual workshop, government & industry experts will provide the following: a status update on CD...

Zero Trust is a key component of every federal IT initiative and modernization effort. The Executive Order on Improving the Nation’s Cybersecurity, the CISA Zero Trust Maturity Model, the DISA Zero Trust Architecture, and various NIST guidance all include mission critical elements for zero trust implementation. Although the principals of Zero Trust are widely accepted, the implementation process is a detailed and time-consuming process....

Cybersecurity is paramount in every phase of a system lifecycle. Professionals involved in Test and Evaluation are increasingly tasked with more rigorous controls, more complicated interconnections, and more contested operating environments. Cybersecurity is applied across all Government domains from common tactical networks to weapon systems. Instead of focusing on the depth of cybersecurity T&E in a single space, this workshop will focus...

In a digital world where almost everything is connected, protecting the supply chain of products becomes even more critical to protecting the security of the data, the networks, and the people using those products. Several high-profile breaches have been linked to supply chain issues, and agencies have received multiple policy directives and guidance as they work to secure their large attack surfaces. A number of tools are now available to hel...

4, ba Are your ITGC audits really helping to reduce your cybersecurity risks? This CPE internal auditor training event is designed for the financial auditor and IT auditor who need to improve their practical knowledge covering information technology general controls (ITGC). The attendees are walked through the concepts and frameworks that are important to the ITGC internal audit activities in order to create an added value for their organizati...