Cybersecurity compliance frameworks are curated with the most effective methodologies an organization can take to prevent cyberattacks and reduce the impact if one occurs. If passed in current form, NIST 800-171A Rev.3 final public draft will adopt substantial changes to existing compliance controls required by the Cybersecurity Maturity Model Certification (CMMC). All those within the Defense Industrial Base will be required to observe subst...

Agencies increasingly rely on Software-as-a-Service (SaaS) platforms such as Salesforce for mission-critical functions, which offers them numerous benefits including flexibility, reducing upfront IT resource costs and delegating upgrades and patches to the provider. Using Salesforce does not remove the agencies’ responsibility for cybersecurity, however, and SaaS applications face their own risks, including misconfigurations, poor access...

Join us as thought leaders from government and industry discuss the evolution of Salesforce security threats, operational continuity requirements, Zero Trust security principles, and practical strategies for protecting data against targeted attacks and insider incidents. Learning Objectives Review the kinds of cyber threats facing Salesforce, such as expanding an agency’s external attack surface and unclear responsibilities in the event...

Ever since the issuance of Executive Order 14028, issued in May 2021 to improve cybersecurity across the entire government by implementing a zero trust architecture, federal agencies have been hard at work to meet the requirement. Then, in October 2023 – less than 18 months later – a new executive order, 14110, was released on the “Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence.” These are...

Defense Strategies Institute is proud to announce the 5th Annual Digital Forensics for National Security Symposium on May 15-16th, 2024. The Digital Forensics Symposium will bring together IC, DoD, federal government, industry, and academia in a town hall style forum to collaborate across the community on ways to advance digital forensics solutions to support criminal investigations, crime prevention, and threat mitigation efforts.The symposiu...

Federal agencies have been ordered to move toward zero trust architectures with alacrity, through Executive Order 14028 on improving cybersecurity and the Office of Management and Budget’s two memoranda, M-22-09 on meeting zero trust cybersecurity principles, and M-21-31 on improving investigative and remediation capabilities following cyber breaches. The Department of Homeland Security observed in its Zero Trust Implementation Strategy...

There is a lot of documentation about a zero trust architecture, as well as directives that it be used for U.S. federal agencies and the Department of Defense (DoD), but little information on how to go about implementing it to improve an organization’s enterprise or DoD weapon system security. Use cases typically describe requirements for these systems, but they do not provide the contextual awareness that organizations need to help them...

DSI’s 10th Annual Identity Management Symposium will address the importance of developments across the biometric and identity management sectors as they relate to national security. Biometrics and identity management systems stand as crucial pillars in fortifying the security infrastructure of the U.S. federal government. As technology evolves, the need to safeguard sensitive information and maintain the integrity of federal accounts bec...

Adopting a zero trust policy has become imperative for agencies aiming to safeguard their digital assets against increasingly sophisticated threats. It represents a true paradigm shift, away from traditional perimeter-based security models to a more dynamic, trust-never always-verify approach. One critical part of implementing zero trust is managing digital identity – ensuring that access to resources is securely managed and continuously...

In an era of escalating cyber threats, a proactive approach is essential. This panel will highlight how zero trust principles can be augmented by comprehensive visibility and advanced analytics. By monitoring user behaviors, network traffic, and device activities, federal agencies can gain real-time insights into potential threats, swiftly detecting anomalies and unauthorized activities. This approach empowers agencies to respond promptly to s...