Day 1: Modernization of Legacy Security Systems
One of the biggest vulnerabilities state and local governments face is the huge installed base of legacy hardware and software. They are very expensive to maintain, draining resources that could be used to offer new, internet-based services. They often are riddled with security flaws, from bad code to unsecured ports –it’s next to impossible to keep up with all the patches that need to be implemented.
The pandemic revealed just how badly these systems need upgrading when millions of Americans struggled to file for pandemic-related unemployment and it took the IRS 20 weeks to send pandemic relief checks to eligible taxpayers.
Join us as thought leaders from government and industry discuss the barriers to updating legacy systems, the challenges to improving security for them, the possible role of the federal Technology Modernization Fund in making changes, and how integration of new technologies such as cloud are attempting to provide more resilience, among other topics.
- Kevin Walsh, Director, Information Technology & Cybersecurity Team, GAO
- Steven Cates, Senior Director of Solutions Architecture, CyCognito
Day 2: Ransomware
Ransomware cyberattacks vaulted into public awareness with a vengeance when an East Coast gasoline pipeline shut down for days, causing a shortage and long lines at the gas pump when drivers panicked. But hospitals, schools and local governments have been dealing with ransomware threats for some time.
The federal government takes the threat seriously. The Cybersecurity and Infrastructure Security Agency, in the Department of Homeland Security, has a dedicated web page that provides educational information, resources, and a reporting link, devoted to the topic.
Join us as thought leaders from all levels of government and industry discuss their own efforts to combat ransomware and strengthen their system protections against it.
- Josh Leiling, Assistant Director of IT & Cybersecurity, GAO
- James M.T. Morrison, Distinguished Technologist – Cybersecurity, Office of the North America CTO, Hewlett Packard Enterprise
Day 3: Securing the Supply Chain
In the end, any IT system is only as secure as its various components. Federal, state, and local agencies have learned that the hard way, as software platform and application providers have been hacked as a way to get into government systems.
The Executive Order on Improving the Nation’s Cybersecurity issued by the White House in May dedicates Section 4 to the topic of enhancing the security of the software supply chain. It includes a directive that in future agencies will only acquire software that meets standards to be set by the National Institute of Standards and Technology, and that software products not meeting that standard will no longer be listed on GSA schedules. Since software companies are unlikely to want to support two versions of the same product – one certified, one not – this is likely to positively affect the security posture of state and local governments and the private sector, as well.
Join us as thought leaders from all levels of government and industry share their experiences with supply chain hacks and the measures they took to address their risks.
- Matthew Butkovic, Technical Director, Cyber Risk & Resilience, Carnegie Mellon Software Engineering Institute
- Joel Bork, Senior Threat Hunter, IronNet Cybersecurity
Day 4: Blockchain Security
Blockchain is most commonly considered the foundation for cryptocurrency – the usual form of payment by ransomware demands – because it is a method of recording information that makes it difficult to impossible to change, hack, or cheat records of transactions. It’s a form of “distributed ledger” that records every transaction to every participant’s copy of that ledger.
As a result, blockchain holds great potential to provide high levels of security for government agencies, provided they understand that transparency of transactions also is one of its characteristics.
Join us as thought leaders from government and industry discuss what blockchain is, how it works, what its benefits and drawbacks are, and how they are considering using it in their operations.
- Mark Canter, Assistant Director, GAO
- Amanda Wick, Chief of Legal Affairs, Chainalysis
Day 5: Phishing
Of all the security threats that face IT, phishing stands out because it is not an attack on the technology – it is “social engineering,” getting incautious users to click seemingly innocuous links or visit seemingly harmless websites and allowing hackers to steal user names, passwords, financial data, or other information they can use. Phishing also is one of the oldest tricks in a hacker’s book, pioneered in the mid-1990s.
Today, phishing is usually a “gateway crime” – hackers often use it as a way to get the credentials to gain entry into the broader IT system and launch other attacks, such as ransomware.
Join us as thought leaders from government and industry discuss why users continue to fall for phishing schemes, how to protect government or employee data to prevent phishing, and strategies to educate users and keep them from taking the bait.
- Gerald J. Caron III, CIO, HHS/OIG
- Valecia Stocchetti, Senior Cybersecurity Engineer, CIS Controls
- Mike Watson, CISO, Commonwealth of Virginia
- Karen Worstell, Senior Cybersecurity Strategist, VMware
Participants can earn 1 CPE credit for each webinar for a total of 5 CPEs in Business Management & Organization.*
* To receive CPE credit you must arrive on time and participate in the surveys throughout. Certificates will be e-mailed to registrants. In accordance with the standards of the National Registry of CPE Sponsors, 50 minutes equals 1 CPE. By providing your contact information to us, you agree: (i) to receive promotional and/or news alerts via email from Federal News Network and our third party partners, (ii) that we may share your information with our third party partners who provide products and services that may be of interest to you and (iii) that you are not located within the European Economic Area.
What is CART?
CART (communication access realtime translation) provides instant accessibility for all participants by delivering the spoken word as a realtime stream of text.
CART Captioner Professional Certifications
CART feed can be viewed on desktop, laptop, tablet or Smartphone.
After opening CART link, resize and move the text box anywhere on the screen.
Click the tabs at the top of the text box and choose your font, font size, font color and background color.
Click the Transcript tab at the top of the text box at any time to view event transcript.
Close transcript to return to live CART.
Our CART services are provided by Home Team Captions. All of our CART captioners hold, at minimum, the CCP (Certified CART Provider) certification, or higher, from NCRA (National Court Reporters Association.)
To view the CART feed for this webinar: Register for this webinar, login from the link provided, and click on the CART Tab and click the link to begin using CART.