Infrastructure Series: Security Recap

New IT infrastructure modernization strategies and the COVID-19 pandemic cause new security challenges for federal agencies, and require new approaches to IT infrastructure security. This event will consider new security blueprints and the mindset shifts required to boost federal IT infrastructure security.

Atlantic Council's Trey Herr on Need for National Cyber Director

IT infrastructure security is the national security issue we sometimes forget about, but a slump in cybersecurity posture could have devastating consequences for a federal agency and ripple effects across the nation. Trey Herr, director of Atlantic Council’s Cyber Statecraft Initiative explores the case for a National Cyber Director to unite cybersecurity and IT infrastructure security efforts across the .gov landscape.

Innovating the ATO Process for Cloud Security

As cloud adoption surges in federal agencies, continuously verifying cloud infrastructure becomes a hassle, while cyber criminals and nation-state actors become savvier at hacking into servers and data centers. Some federal agencies are exploring DevSecOps practices to automate their ATO process. Speakers include:
- Royce Allen, Enterprise Cybersecurity Architect, Office of Cybersecurity Policy & Compliance, VA
- Rob Brown, CTO, USCIS
- Rob Wood, CISO, CMS
- Moderator: Erin Mirsky, Senior Vice President, GovCIO

Protecting a Mobile, Boundaryless IT Infrastructure

The COVID-19 pandemic pushed federal agencies into new cyber territory with mass telework, accelerating the trend toward mobile infrastructure and edge computing, which in turn triggered new security challenges. In the age of bring-your-own-device (BYOD), federal leaders are managing identities and using zero trust to protect an increasingly mobile, boundaryless IT infrastructure.
- Kenneth Bible, CISO, DHS
- Jennifer Franks, Director, Information Technology & Cybersecurity, GAO
- Sean Frazier, Federal CSO, Okta
- Moderator: Alex Brown, Senior Vice President, GovCIO

Urgent Needs to Secure the Cloud Supply Chain

From cloud infrastructure to software applications to software updates, cyber criminals and nation-state actors are increasingly targeting cloud supply chains. IT leaders discuss the steps necessary to protect agencies and industry partners from cloud supply chain vulnerabilities — including using frameworks like zero trust and standards via NIST and CMMC.
- Katie Arrington, CISO for Acquisition and Sustainment, DOD
- Josh O’Sullivan, Chief Technology Officer, Ardalyst
- Will Loomis, Supply Chain Cybersecurity Lead, Atlantic Council
- Moderator: Amy Kluber, Editorial Director, GovCIO Media & Research

-
SolarWinds Hack Shows Why We Need a National Cyber Director
An Atlantic Council leader advocates for greater empowerment of the CISO role.
7m read -
SolarWinds Hack Demonstrates Need for Cloud Security
Federal cybersecurity experts emphasize the importance of capabilities like zero trust to prevent future breaches.
8m read -
Feds Encourage Iterative, Automated Approaches to Cloud, ATO
VA, USCIS and CMS tech leads are streamlining processes in an effort to enhance security practices.
7m read -
Agencies Grasp Mobile Challenges of Remote IT Infrastructure
COVID-19 pushed DHS and GAO to drive identity management and zero trust to protect its IT infrastructure, as cybersecurity threats continue to increase.