2023 Government Security Solutions Forum

Free Virtual Event | Thursday, July 20, 2023 at 10:00 AM EDT
Join Us Live Online for our 3rd Government-focused Solutions Forum


Government organizations face threats, like none other. Ensuring that a robust security posture fits inside the regulatory and budget requirements of any agency is a huge feat onto itself. Add on all the threats that adversaries bring to your doorstep, and it can seem like an insurmountable task. From vulnerabilities to zero-days to patch management to user education and enablement, it’s easy for security teams to get lost in “What Should I Focus on Now?" Luckily, you are not alone in this fight. In partnership with Carahsoft, the 2023 Government Security Solutions Forum will take our cybersecurity preparedness back to basics.

During this event, we'll look at the top trends in protecting networks and securing them against adversarial threats. Continuing our tradition from last year, our forum will include a wealth of knowledgeable experts and panel discussions, offering advice and guidance on how to best counteract the threats of today, and protect your security program for tomorrow. Join us for live chats and interactive discussions with both speakers and audience, giving you a chance to bring your questions and concerns directly to our experts.

Who's Speaking During This Event?

This event brings together a wealth of knowledge from industry experts. Through panel discussions and individual presentations, these invited speakers will offer advice and guidance on how to best counteract the threats of today, and protect your security program from tomorrow.

Register Now

Save your seat today to join Matt Bromiley and invited guest speakers for this free virtual event on Thursday, July 20th.

Event Agenda

Join us Live Online to access all of the panel discussions and live chats that we have in store for this event.

Timeline (EDT)Session Details
10:00AMWelcome & Opening Remarks
Speakers:
Matt Bromiley, Event Chairperson, SANS Institute
Brian O'Donnell, Vice President, Carahsoft
10:15AMSession One | CISA, Federal Civilian Enterprise, and Zero Trust
Branko Bokan will discuss the approach Cybersecurity and Infrastructure Security Agency (CISA) takes to facilitate the adoption of zero trust in the federal civilian executive branch enterprise. CISA’s cybersecurity mission is to defend and secure cyberspace by leading national efforts to drive and enable effective national cyber defense. In a unique partnership between CISA and federal agencies, the federal enterprise leads the way towards continued modernization related to zero trust within a rapidly evolving environment and technology landscape.
Speaker:
Branko Bokan, Cybersecurity Specialist, Cybersecurity and Infrastructure Security Agency (CISA)
10:45AMPanel Discussion | Combatting Supply Chain Attacks with Zero Trust Strategies for Endpoint, Identity, and Network Security
With the increasing frequency and sophistication of supply chain attacks, it is critical for organizations to adopt a zero trust approach to their security strategy. This panel will bring together experts in endpoint, identity, and network security to discuss best practices for implementing zero trust in supply chain risk management. Panelists will explore the challenges and benefits of a zero trust model, share case studies of successful implementations, and provide practical advice for organizations looking to strengthen their security posture.
SANS Moderator:
Ismael Valenzuela, Senior Instructor, SANS Institute
Panelists:
Hansang Bae, Public Sector Chief Technologist, Zscaler
Sean Frazier, Federal CSO, Okta
Andrew Harris, Sr. Director for Global Public Sector Technology Strategy, CrowdStrike
11:30AMSession Two | Making the Most of a Distributed Workforce
One might call the U.S. military, along with the U.S. Coast Guard, the ultimate distributed workforce with bases located all around the world with the common goal of safeguarding the United States of America and its allies. We can learn from that model, as well as the many companies that employ people around the globe.
The pandemic put a focus on mobile work, which is often an aspect of distributed workforce, defined as when a company's employees work in several locations. Those locations can include headquarters and satellite offices, as well as employees' homes.
The global, cyber-connected world we all live in means we have more distributed workforces than ever, and it's important for them to do well. But it's not easy to have an effective distributed workforce. You must work hard to create a workforce that is united, effective and productive. When you have successfully managed a distributed workforce, you can also have a more diverse workforce and the ability to attract the most talented people for the job.
Speaker:
Lt. Gen. Susan Lawrence, USA (Ret.), President and CEO, AFCEA
12:00 PMBreak
12:15 PMPanel Discussion | How IT Security Can Kill A Power Grid (and other ICS environments) Let's Discuss!
Critical Infrastructure ICS/OT security is paramount to protect engineering systems we all rely on daily to maintain our modern lifestyles.
Engineering systems such as power grids, water management systems, critical manufacturing, etc., are under attack, have a different mission, impacts and security controls vs. traditional IT systems. Specific control system cyber defense strategies and ICS-aware technologies are required to meet new challenges and protect critical infrastructure systems that support our daily lives. All while maintaining the safety and reliability of facility operations.
Join us for the Industrial Control System panel as we focus on safety, the state of ICS cybersecurity to protect engineering operations, while exploring the best practices for any ICS defense program in any ICS sector globally.
SANS Moderator:
Stephen Mathezer, Certified Instructor, SANS Institute
Panelists:
Felipe Fernandez, CTO, Fortinet Federal
Ron Fabela, Field CTO, Xona
1:00PMSession Three | ISA: Predictive Analysis for Efficient Risk Reduction
The year 2022 saw a record number of identified and disclosed vulnerabilities – more than 26,000. At the same time, threat actors continued to evolve and develop new methods and capabilities to hold U.S. critical infrastructure at risk. Today’s cyber threat intelligence is inherently reactive and based on past cyber attacks and campaigns, But how can we get ahead of the threat? Infrastructure Susceptibility Analysis (ISA), developed by MITRE, is designed to leverage the indicators of cyber weapon development commonly ignored in cyber threat intelligence. Combined with observed techniques of past campaigns, analysts identify the most likely targets of adversary manipulation. This enables organizations to direct limited resources against those cyber weaknesses that are most likely to be exploited for improved efficiency in risk reduction.  
Speaker:
Sarah Freeman, Principal Cyber Engagement Operations Engineer, MITRE
1:30PMPanel Discussion | Supply Chain Security
The 2023 Verizon Data Breach Investigation report noted that 62% of breaches in 2022 involved a supply chain partner. Software supply chains in particular have gotten more complex, and that complexity increases the likelihood of vulnerabilities. As government agencies have improved local security controls, attackers have often found the supply chain to be the most vulnerable point of entry.
Increased publicity around supply chain attacks have led to President Biden's recent Executive Order: 14028, mandating deadlines for improvements in federal software, supply chain security and the release of NIST 800-161 guidance.
With increased risk and auditor attention to supply chain security, government agencies need to act to evaluate risks, weed out insecure supply chain partners and mitigate risks that cannot be avoided. This SANS panel will bring together experts in the field of supply chain security to discuss what first movers have already done to reduce supply chain risk, and what the next high priority steps need to be. Don't miss it!

SANS Moderator:
John Pescatore, Director of Emerging Security Trends, SANS Institute
Panelist:
Brandon Dobrec, Director of Product Management, ExtraHop Networks
Thomas Roeh, Director of Engineering - US Public Sector, ExtraHop Networks
2:15PMBreak
2:30PMSession Four | Cybersecurity is Everywhere: Impact on Training and Workforce
The need to secure data, devices, and networks is pervasive in today’s interconnected world.  That means that we must not only protect and defend against cybersecurity risks, we must also develop products and services that are secure by design and be prepared to respond and recover to cybersecurity incidents.  Consequently, if the need for cybersecurity is everywhere, so are the job opportunities and the need to grow and sustain a skilled cybersecurity workforce.
Speaker:
Rodney Petersen, Director of the National Initiative for Cybersecurity Education, National Institute of Standards and Technology (NIST)
3:00PMPanel Discussion | Solving the Cybersecurity Skills Gap: A Collaborative Approach
The clock is ticking on the cybersecurity skills gap, and time is running out. As the number of cyberattacks continues to rise, we need to act fast to address the shortage of qualified professionals in the field. Our virtual panel brings together thought leaders from private companies and public entities to discuss urgent solutions to this pressing issue. Join us as we explore the latest strategies for training and developing the cybersecurity workforce we need to stay safe and secure in the digital age.
SANS Moderator:
Naomi Buckwalter, Director of Product Security, Contrast Security
Panelists:
Ernest McCaleb, Founder & CTO, Animate Cyber, Inc.
Roy Zur, Founder & CEO, ThriveDX Enterprise
3:45PMClosing Remarks
Speaker:
Matt Bromiley, Event Chairperson, SANS Institute

Carahsoft_470x382.png

In Partnership With

We'd like to give a HUGE thank you to the Carahsoft team for teaming up with us to bring this event to life, providing a virtual platform for experts to offer advice and guidance on how to best counteract the threats of today, and protect your security program for tomorrow.

Partners

Thank you to the invited speakers from these listed partners for spending the day with us to share your insights with the cyber community.

What 2022 Attendees Say

Here's what previous event attendees said about their experience.
"Thanks for the great information, tips and insights!"
"Thank you for your presentations. Great information to consider within the cyber front."
"Thank you for a great line-up of speakers! This was pretty eye opening for me!"