Virtual Government Cybersecurity Summit: Hosted by GovInfoSecurity

In this exclusive session, three former US CISOs will share an unvarnished view into the challenges, innovations and lessons learned during their tenure implementing information security across the Federal Government.

The conversation will focus on how the Federal CISO position has expanded to meet new challenges, shaped federal cybersecurity strategies, and responded to an ever-changing threat environment. Panelists will discuss the key responsibilities of the role, the significant obstacles they faced, and the lessons they learned while leading the nation’s cybersecurity efforts.

Key Discussion Points:

• From Inception to Evolution: How the Federal CISO role has developed and adapted to address increasingly complex cyber threats.
• Leadership Challenges: An examination of the major challenges faced by the nation’s “First-CISO”, including securing federal networks and coordinating across agencies.
• Lessons Learned: Essential insights from the experiences of those who have shaped the federal approach to cybersecurity.
• Future Directions: The evolving role of the Federal CISO and the emerging challenges that will shape the next phase of federal cybersecurity leadership.

We will explore effective models of collaboration, discuss how trust is built and maintained, and examine the crucial role of information sharing. By learning from leaders who have successfully bridged the gap between government and industry, attendees will gain valuable insights into creating a more secure digital future.

We will also address the unique challenges and opportunities for small and medium-sized enterprises in these partnerships, highlighting strategies for their involvement. Additionally, the session will cover how collaborative efforts can improve incident response and recovery, and the ways in which emerging technologies are being leveraged to enhance these efforts. Key examples will include initiatives by the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA), which provide frameworks and support for public-private cooperation.

Key Takeaways:

• Effective Models of Collaboration: Gain insights into successful public-private partnerships, such as those facilitated by CISA, and understand how these models can be implemented in your organization.
• Building Trust and Information Sharing: Learn strategies for fostering trust and optimize information sharing between public and private sectors to enhance cybersecurity resilience.
• Incident Response and Recovery: Discover how collaborative efforts between government agencies and private companies can significantly improve incident response and recovery processes.

Costello will share insight from CISA’s strategic action plan, which focuses on responsible AI use, securing AI systems and mitigating AI-related threats to critical infrastructure. Additionally, the discussion will highlight the evolving cyber risks and how AI can be leveraged to enhance national security. Attendees will also learn how their organizations can utilize AI to enhance their cybersecurity posture, with insights into CISA’s available resources and collaborative opportunities. This is a unique opportunity for information security practitioners in government to gain valuable insights from one of the leading voices in the field.

Key takeaways:

• Detailed understanding of CISA’s AI road map: Learn the specific steps and timelines in CISA’s comprehensive plan for integrating AI into national cybersecurity efforts, including key initiatives and expected outcomes.
• Best Practices for secure AI system development: Gain in-depth knowledge of CISA’s guidelines for secure AI system development, including specific risk mitigation techniques, compliance requirements, and examples of successful implementation.
• Advanced strategies to protect critical infrastructure: Discover CISA’s latest strategies for using AI to defend against sophisticated threats targeting critical infrastructure, with real-world examples, actionable recommendations, and insights into collaboration with international partners and private sector stakeholders.
• Leveraging AI for enhanced cybersecurity: Explore how organizations can implement AI to improve their cybersecurity posture, utilizing resources and guidance from CISA to stay ahead of emerging threats and enhance overall cyber resilience.

She’ll discuss VA’s approach to tackling modern cybersecurity threats, including ransomware, and the impact of incidents like the Change Healthcare breach on shaping stronger defenses. Additionally, she will highlight key accomplishments, including VA’s Zero Trust strategy and the use of Agile methodologies to safeguard sensitive information.

Attendees will also hear how VA is re-imagining tabletop exercises to prepare for emerging threats and how this shift enhances overall readiness. Ms. Sherrill will explore the proactive measures being implemented to stay ahead of new risks, ensuring VA’s resilience and security across the Department’s operations.

Natarajan will provide a comprehensive overview of CISA’s Secure Our World campaign and will delve into the importance of integrating security into the fabric of our IT systems and software. The session will also highlight opportunities for improved collaboration between government and industry. Attendees will come away with actionable strategies to strengthen their cybersecurity defenses and effectively navigate the ever-evolving threat landscape.

Experts will discuss the potential shifts in cyber governance, considering the influence of political leadership, the role of federal and state regulations, and the impact of international policies. Attendees will gain insights into the key regulatory challenges and opportunities that lie ahead, learning how to anticipate and adapt to these changes to maintain compliance and enhance their security posture. This discussion will equip organizations with the knowledge to engage effectively with policymakers and ensure regulatory stability in a dynamic political environment.

Key takeaways:

• Regulatory Changes: Understand the potential shifts in cybersecurity regulations and the impact of new political leadership on these policies.
• Preparation Strategies: Learn how businesses can anticipate and adapt to regulatory changes, ensuring compliance and robust cybersecurity measures.
• Public-Private Collaboration: Explore the importance of cooperation between government and industry in shaping effective cybersecurity regulations and responses to emerging threats.

Key Takeaways:

• Evolving Threat Landscape: Understanding the sophisticated threats targeting FCEB agencies, including APT actors and the expanding attack surface.
• Strategic Cybersecurity Initiatives: Best practices and strategies for enhancing cybersecurity across executive departments, independent agencies, regulatory commissions, and government corporations.
• Collaboration and Information Sharing: The importance of inter-agency cooperation and real-time information sharing to strengthen the overall security posture of the FCEB.
• Future Directions: Emerging technologies and innovative approaches to safeguard federal operations and public programs in an increasingly digital landscape.

Engage with thought leaders who are at the forefront of technology and security innovation as they analyze the new vulnerabilities introduced by these advancements and explore strategies for mitigating associated risks.

Attendees will gain insights into how IoT devices are increasing cyber risk and the steps necessary to secure these networks, highlighted by incidents like the 2020 SolarWinds cyberattack. The session will also cover the impact of 5G deployment on cybersecurity, drawing on CISA’s initiatives to secure 5G networks. Additionally, we will discuss the implications of quantum computing on current encryption standards and the urgent need for regulatory frameworks, as emphasized by the Biden administration’s Executive Order on Improving the Nation’s Cybersecurity. We will also examine the dual role of AI in both enhancing cybersecurity defenses and being exploited by adversaries. This discussion aims to equip organizations with the knowledge to integrate these technologies securely into their operations and collaborate effectively with regulators to enhance cyber risk management.

Key Takeaways:

• Mitigating IoT, 5G, and AI Risks: Learn how IoT devices, 5G networks, and AI technologies are transforming cyber threats and discover effective strategies for securing these technologies.
• Quantum Computing Impact: Understand the potential effects of quantum computing on encryption and what steps can be taken to prepare for these changes.
• Regulatory and Collaborative Measures: Explore the necessary regulatory measures and the role of collaboration between technology developers and regulators in managing emerging cyber risks.