Putting Zero Trust first in Defense and How that changes CDM
A look at the new priorities the Executive Order has mandated and how that affects how agencies move forward with their cyber plans.
Speakers
Matthew Plummer, Public Sector, CTO, Gigamon
Anne Armstrong, Vice President, Strategic Alliances, GovExec 360
More On Demand
November 2, 2022
Opening Keynote: Sharpening the Defensive Cyber Tools
An executive-level look at new developments in the government cyber world, including new policy directives and zero trust, an update on dashboards and revamping the CDM services
Sponsored by:
Proactive Security in Application Development: What’s on your network?
What does CDM look like when developing our own applications? What risk is present on the network, and did we create that risk ourselves? Proactive supply chain security during development is key to safeguarding our data, network, and users.
Sponsored by:
CDM Dashboards: The Challenges and the Rewards
A discussion of how CISA’s agency dashboards are collecting info on vulnerabilities and sharing it.
Sponsored by:
Putting Zero Trust first in Defense and How that changes CDM
A look at the new priorities the Executive Order has mandated and how that affects how agencies move forward with their cyber plans.
Sponsored by:
Current State of CDM and the next 10 years
A conversation between the new PM and DPM with lessons learned from CDM’s first 10 years along with open conversation on how the program should evolve to be a foundational cyber capability in every Federal agency’s toolbox.
Mitre ATT&CK!, Threat Modeling & Understanding Your Control Coverage
Organizations often struggle to adequately understand how security frameworks, GRC programs, and technical controls all work together to defend against Threat Actors and emerging threats. In today's climate of vendors promising their tools or technologies will be your security "silver bullet", many organizations lack the visibility or understanding of how their controls truly function, where control gaps may exist, or whether controls are effective at defending against the TTP's they should be prioritizing. By bridging the gaps between GRC programs, regulatory compliance, technical tooling and Threat Intelligence, security teams can be informed of where to invest time and resources to improve control coverage, or where to direct efforts to validate existing controls for efficacy to continually improve defenses.
Sponsored by:
Shared Services
A discussion of the shared cyber services available through CISA—what’s available and how it might help smaller agencies.
Building a Bigger, Better Cyber Workforce
A look at the new team of advisors at CISA—Federal Enterprise Improvement Team and the Cyber Talent Management System that allows hiring outside of the normal government policies to build a robust cyber workforce.
Planning Ahead for the Next Security Challenges
During this conversation, the Acting Chief Information Officer of the Department of Justice will review the DOJ's engagement with the CDM Program at its inception and the benefits gained, discuss the development of the program to keep focus on FISMA automation--while simultaneously evolving to support Cyber Ops--and explore the DOJ's continued engagement with the CDM Program a decade later.