Zero Trust / Cyber Track Emcee
Dan Mintz, Chair, Dept of Information Technology, School of Cybersecurity and Information Technology, Collegiate Associate Professor, University of Maryland Global Campus
7:30am
Registration
8:30am
Large Scale Zero Trust Cultural Change: From C-Suite to Practitioners
Many within government IT security community believe for Zero Trust to be successful it is essential to create an organization wide Zero Trust culture. The Zero Trust philosophy requires agencies to get everyone to recognize they have a vested interest in security. Cybersecurity leaders must lead by having the right conversations within their agencies. This kick off panel session at Zero Trust @930gov will gather key government IT security professionals to share how to develop and inspire trust to succeed with Zero Trust.
Brian Gattoni, Chief Technology Officer, CISA
Ida Mix, CISO, Bureau of Industry and Security, Department of Commerce
Torey Vanek, Director of Strategic Product Management for Government and Regulatory, Veracode
Nicole Willis, CTO, Office of Management and Policy, OIG, HHS
10:30am
Identity & Access Security: How to Continually Monitor User Access Rights
Ross Foard, IT Specialist (INFOSEC), CISA
Jamie Holcombe, CIO, USPTO
Michele Thomas, Deputy Chief Technology Officer, Senior Advisor for Automation Services, OASAM/Office of the Chief Information Officer, U.S. Department of Labor
11:15am
Enterprise Approach to Zero Trust
Randy Resnick, Director, Zero Trust Portfolio Management Office, DoD
11:45am
Zero Trust in the Security Operations Center
Zero Trust is a security framework requiring all users, whether in or outside the agency’s network, to be authenticated, authorized, and continuously validated for security before being granted access to applications and data. Zero Trust is an ongoing process requiring continued refinement as each agency’s business requirements and subsequent technology shifts occur. Continuous monitoring is a core component in any Zero Trust strategy and goes beyond any single security tool. This makes the role of the Security Operations Center (SOC) critical to continually audit and maintain the agency’s Zero Trust security posture. Even if a government agency has a mature Zero Trust implementation securing users, applications and workloads, the agency still needs a SOC for threat detection, response, and risk management. This session will focus on the benefits of automating the Security Event and Incident Management in the SOC to provide security analysts with real-time, actionable data to enable agencies to better investigate and remove threats effectively and efficiently.
David Hagy, Federal Sales Manager Cortex, Palo Alto Networks
1:30pm
How to Apply Zero Trust Methodology into Existing Systems
The Federal Government has acknowledged Zero Trust as an effective means to prevent cyberattacks. But where should an agency begin the process? Following existing cyber security procedures has left some agencies hesitant to begin their Zero Trust journey. This panel of subject matter experts will share ideas on how to augment existing security architecture with Zero Trust principles while allowing agencies to take advantage of tools & technologies already available.
Don Maclean, Chief Cyber Security Technologist, DLT Solutions
2:00pm
How to Create a Comprehensive Zero Trust Strategy
Many agencies are in the process of developing a comprehensive Zero Trust Strategy with the goal of implementation throughout the enterprise. Essential components of a successful Zero Trust transformation include effective communication, changing culture, coordination, adjusting processes, and training personnel. It also involves monitoring, collecting, and measuring data to compare against previously established metrics for success. This closing session will summarize the steps and processes agencies can take to ensure long-term security of their systems.
Monica Montgomery, Deputy Chief Information Security Officer for Management and Strategy and
Deputy Director, Cybersecurity Office, National Geospatial-Intelligence Agency (NGA)
Randy Resnick, Director, Zero Trust Portfolio Management Office, DoD
Andrea Simpson, Chief Information Security Officer / CIO (Acting), FCC
Kynan Carver, DoD Cybersecurity Lead, Maximus