Federal Solutions Forum

Today, defenders have in their arsenal faster and more capable technology than ever before. We can build robust prevention, detection, and response processes that augment and empower security analysts. In this solutions forum, we’re going to look at four areas of technology that deliver these improvements and help bolster an organization’s security posture:

  • Zero Trust
  • Endpoint Detection and Response
  • Identity and Access Management
  • Ransomware

In Partnership With: Carahsoft

Sponsors: Centrify, Fortinet, Gigamon, NetWitness, Okta, Radiant Logic, Splunk, Zscaler

Timeline (EDT)

Session Description

10:30 AM

Opening Remarks

In the world of information security, it often feels like we are on the edge of our seats (or a rocky precipice), waiting for the next attack to take place – unsure of which network will be struck first. In the first half of 2021 alone, threat actors have launched attacks that have crippled pipelines and disrupted schools, hospitals, and supermarkets, demanding tens of millions of dollars in extortion fees and ransom payments along the way. It is easy to look at this landscape and feel like defenders do not stand a chance. However, the truth is quite the opposite.

Matt Bromiley, SANS Instructor
Brian O'Donnell, Vice President, Carahsoft Technology Corp.

10:45 AM

Zero Trust Panel

In the wake of the massive breach of computer systems of multiple government agencies discovered in December 2020, the US Federal Government is recommending that a Zero Trust security model be considered for all critical networks. As part of this major push to promote ZT adoption, DISA, NIST and NSA are releasing specific guidelines. NSA, for example, notes that Zero Trust principles should be implemented in most aspects of a network and its operations ecosystems to become fully effective, while DISA highlights the need to rethink how we utilize existing infrastructure to implement security by design in a simpler and more efficient way while enabling unimpeded operations. Join this discussion to learn what Zero Trust is, what it is not, and how to apply it practically.

Moderator: Ismael Valenzuela, SANS Instructor

Panelists:
Juliana Vida, GVP, Chief Strategy Advisor - Public Sector, Splunk
Lisa Lorenzin, Senior Director of Transformation Strategy, Zscaler
Martyn Crew, Senior Director, Solutions Marketing & Technologies, Gigamon

11:25 AM

Malware and Ransomware in Federal Environment

Cybersecurity threats are no stranger to most federal agencies. How big a risk they posed used to be driven by the particular agency. Sure, those in DoD and DoJ have long understood they are in the crosshairs. But what if you work at the U.S. Board of Geographic Names (yes, that's a real agency)? Ransomware is definitely in your threat model. But the reality is that malware is a threat to every federal agency, regardless of size or mission. And they face a very motivated threat actor who won't run away just because another target is weaker. In this session, Jake will discuss why EVERY federal government agency (and contractor) can be used to satisfy an adversary's intelligence requirements (even if it's "only" through a supply chain attack). Then we'll discuss what you can do with that knowledge to ruin an adversary's day (or at least make them work a LOT harder).

Jake Williams, SANS Instructor

11:55 AM

Endpoint Panel

Endpoints represent perhaps the widest and most diverse footprint that any organization can have. Encompassing old and new technologies, endpoints present multiple challenges as they cannot simply be secured with the “push of a button.” Join us for this expert panel discussion where we look at modern endpoint detection and response technologies, and how they assist organizations in defending against attacks – today and tomorrow.

Moderator: Matt Bromiley, SANS Instructor

Panelists:
Aamir Lakhani, Senior Red Team Researcher, Fortinet
Ben Smith, Field Chief Technology Officer, RSA NetWitness

12:35 PM

Break

12:45 PM

Degree Programs & Funding for Federal Employees

This session provides an overview of the SANS Technology Institute (SANS.edu), an accredited college offering career-focused graduate and undergraduate programs at the cutting edge of cybersecurity. At this event, you’ll learn about the curriculum, faculty, and flexible structure of the SANS.edu programs, as well as the admissions process. We’ll focus on options Federal Employees, like FBI or DoD, may pursue to cover the cost of tuition and discuss how previously completed SANS courses and GIAC certifications may be applied to programs at SANS.edu.

Kim Kafka, Admissions Specialist, SANS Technology Institute
Shay Christensen, Special Agent, FBI

1:15 PM

Congratulations! You're a supervisor!

It's a common scenario: We need to hire or backfill a team lead or supervisor so we reach into the team, tap the team's top contributor, and "promote" them. Unfortunately, we sometimes forget that the skills that make a top contributor aren't usually the same skills that make a good supervisor. If we don't give our newly minted supervisors the skills and knowledge they need to succeed, then it's our fault if they fail - not theirs. This session will cover key differences between individual contributor and supervisory roles, common issues faced by unprepared supervisors, and how we can help our newly minted supervisors flourish.

Greg Scheidel, IronVine & SANS Instructor

1:45 PM

Identity & Access Management Panel

Identity is much more than a simple username and password. Now and in the future, to better secure our customers and organizations, we will have to improve how we identify our users. Data breaches are in the national media every week; how can we better stop this from happening? Zero Trust offers possibilities, but perhaps complexity in implementation. Passwords are legacy, while other factors such as biometrics offer better ease of use and in many cases better security. Are we seeing biometrics and other factors implemented instead of passwords, and at what rate?

Ransomware has been a bane of our industries for many years now, and the threat actors are much more cautious and smarter in their deployments, often requiring reactions from organizations within hours of incidents developing. Can Endpoint Detection and Response keep up? Do we have the necessary escalation chains to isolate and prevent further damage fast enough, given that incidents often impact valuable production environments?

Moderator: Chris Dale, SANS Instructor

Panelists:
Sean Frazier, Federal CSO, Okta
Wade Ellery, VP of Solutions Architects, Radiant Logic
Joseph Carson, Chief Security Scientist & Advisory CISO, Thycotic Centrify

2:25 PM

Wrap-Up

Matt Bromiley, SANS Instructor