Roundtables – Federal News Network https://federalnewsnetwork.com Helping feds meet their mission. Mon, 27 Jun 2022 15:40:13 +0000 en-US hourly 1 https://federalnewsnetwork.com/wp-content/uploads/2017/12/cropped-icon-512x512-1-60x60.png Roundtables – Federal News Network https://federalnewsnetwork.com 32 32 Federal Executive Forum Chief Technology Officer – Profiles in Excellence https://federalnewsnetwork.com/cme-event/federal-executive-forum/federal-executive-forum-chief-technology-officer-profiles-in-excellence/ Fri, 24 Jun 2022 16:17:39 +0000 https://federalnewsnetwork.com/?post_type=cme-event&p=4119161 Date: July 6, 2022
Time: 1:00 pm ET
Duration: 1 hour
Cost: No Fee

Description:

The Federal Executive Forum explores emerging challenges of being a chief technology officer with the technology executives that are making innovation happen.

During this webinar, you will gain the unique perspective of the chief technology officers from the Department of Homeland Security, Department of Labor, U.S. Marshals Office, NAVWAR and industry leaders. Learn what it takes to ensure that technology in government continues to evolve.

The following chief technology officers will expand on the aspects of emerging technologies and innovation in government:

  • David Larrimore, Chief Technology Officer, Department of Homeland Security
  • Carly Jackson, Chief Technology Officer, NAVWAR
  • Sanjay Koyani, Chief Technology Officer, Department of Labor
  • Christine Finnelle, Chief Technology Officer, U.S. Marshals Service
  • Jonathan Alboum, Federal Chief Technology Officer, ServiceNow
  • Paul Moxon, Senior Vice President of Data Architecture & Chief Evangelist, Denodo
  • Kaladhar Voruganti, Senior Fellow, Office of the Chief Technology Officer, Equinix
  • Moderator: Luke McCormack, Host of the Federal Executive Forum
Panelists also will share lessons learned, challenges and solutions and a vision for the future.
              

Registration is complimentary. Please register using the form on this page or call (202) 895-5023.

]]>
Federal News Network’s 2022 Zero Trust Exchange https://federalnewsnetwork.com/cme-event/federal-insights/federal-news-networks-2022-zero-trust-exchange/ Fri, 15 Apr 2022 16:04:21 +0000 https://federalnewsnetwork.com/?post_type=cme-event&p=4012170

 

                                                                             

The clock is ticking. Agency IT and security teams have until August 2024 to implement zero trust architectures (ZTAs), as directed by the Biden administration executive order on improving the nation’s cybersecurity. The goal? To increase their security rigor as the perimeters of federal networks have become increasingly dynamic, and to defend against persistent threat campaigns aimed at government systems, networks, users and data.

Over three afternoons, beginning June 21, Federal News Network will share expert insights and advice on implementing zero trust — as well as detail where agencies are in their move to zero trust and early lessons learned. Taking our cue from CISA’s Zero Trust Maturity Model, Day 1 will focus on people, Day 2 on devices and Day 3 on data and applications.

Federal CISO Chris DeRusha will kick off the event and talk with Federal News Network Executive Editor Jason Miller about the state of the government’s zero trust efforts and how the Office of Management and Budget is tracking progress against the administration’s executive order on improving cyber.

Here’s a look at a few of the other federal cybersecurity leaders participating:

Air Force: Raju Ranjan, Technical Lead for Air Force Zero Trust, and Capt. Christopher Kodama, Military Engineer, AFNet Sustainment and Operations Branch

Cybersecurity and Infrastructure Security Agency: Eric Goldstein, Executive Assistant Director for Cybersecurity, and John Simms, Senior Technical Advisor

Federal Deposit Insurance Corporation: Stephen Haselhorst, Zero Trust Manager

NASA: Christine Gex, Intelligent Automation Service Lead, NASA Shared Services Center, and Mike Witt, Senior Agency Information Security Officer and CISO for Cybersecurity and Privacy

National Archives and Records Administration: Sheena Burrell, Deputy CIO

National Security Agency: Kevin Bingham, Zero Trust Lead, Cybersecurity Directorate

Navy: Louis Koplin, Deputy CTO; Justin Fanelli, Technical Director, Program Executive Office Digital and Enterprise Services; and Curt Parker, Lead Engineer, Naval Identity Services

Industry experts from Carahsoft, Okta, Intel, Amazon Web Services, AvePoint, CrowdStrike, Dell Technologies Federal Systems, Forescout Technologies, Juniper Networks, Infoblox, RSA, Splunk, Tetrate, VMware and Zscaler will also share their insights.

Register now to join Federal News Network editors and cybersecurity experts from across the federal IT landscape as we zero in on all things zero trust!

Please register using the form on this page or call (202) 895-5023. Note: you do not need to register separately for each day. Once you register, you will have access to all three days of the event.

]]>
Federal News Network’s 2022 Industry Exchange: Data https://federalnewsnetwork.com/cme-event/federal-insights/federal-news-networks-2022-industry-exchange-data/ Mon, 04 Apr 2022 15:38:14 +0000 https://federalnewsnetwork.com/?post_type=cme-event&p=3993804

Data continues to proliferate. It’s everywhere and increasingly unstructured.

During Federal News Network’s Industry Exchange: Data, join us as we feature data science experts from across the federal IT industry to share insights about the latest technologies and offer advice for capitalizing on federal data.

On May 2, the Federal Drive’s Tom Temin will chat with industry experts to reveal answers to questions like:

  • How do I make sure my team is gathering the right data – or even can, in the case of unstructured data in free-text fields, video, phone and text messages, and more items now used for work?
  • What technology and tools can help my agency analyze data in real time?
  • How has data storage and archiving evolved?
  • What’s the best way to provide data transparency and serve up data to users at the edge?
  • How can we lean into data science and adopt artificial intelligence and machine learning to make progressively smarter decisions?

Register now for a virtual seat at the table to get tactical tips and advice on all things data. Participants at our Industry Exchange events receive our Federal News Network badges. Each one features a unique tech image related to the topic of the exchange.

Complimentary Registration
Please register using the form on this page or call (202) 895-5023.

]]>
Zero trust paves the way for agencies to take a people-centric approach to cyber https://federalnewsnetwork.com/cme-event/federal-insights/why-zero-trust-starts-with-people/ Tue, 29 Mar 2022 17:08:22 +0000 https://federalnewsnetwork.com/?post_type=cme-event&p=3984696 Date: On demand
Duration: 1 hour
Cost: 
No Fee

Over the last two years, it’s clear that when it comes to your agency’s or organization’s security, your people are your first and last line of defense.

The old model of building walls around your network and applications hasn’t worked for years, but it’s only in the last two years that agencies realized stopping cyber attacks starts with their workforce.

The goal really for most organizations is striking the right balance between cybersecurity and data and application accessibility. If either of those fail, you will lose the support of your workforce.

This is why the Biden administration’s zero trust strategy as well as the zero trust maturity model from the Cybersecurity and Infrastructure Security Agency highlight the need to take a people-centric approach.

Agencies need to understand how to trust and empower people within well-defined network and application boundaries.

Departments need to balance risks and tie those risks to their people. And agencies need to be agile enough to adjust cyber policies as risks and threats change.

Beau Houser, the chief information security officer at the U.S. Census Bureau in the Commerce Department, said the move to zero trust is giving agencies more tools in the toolbox to protect networks, data and systems.

“Like many organizations, we have a traditional virtual private network (VPN), where the users log in in the morning, they bring up their VPN client, they go through that process to connect into the Census’s VPN. We want to get rid of that, and we’re looking at options that are now called SASE, secure access service edge. What that does is change the nature of the VPN to an always-on VPN so the user just boots their laptop, they’re automatically connected to the cloud’s edge,” Houser said during the panel discussion Why zero trust starts with people. “Cloud is a central part of SASE, and so it’s a better user experience for our staff and it gives us that same level or better protection that we have today with our perimeter model. Zero trust gets rid of the perimeter approach. This is an example of how the endpoint plays into that change.”

Census, like nearly every agency, is pushing that perimeter to the employee as opposed to the network.

Mike Witt, the associate chief information officer for IT security at NASA, said they are rolling out software defined access as part of their move to micro segmentation.

“What this this helps us do at NASA is, we’ve got very sensitive things we do at NASA, we have our intellectual property, you think about astronauts off planet on the International Space Station. We’ve also got other parts of what I’ll call IT research and development that we do on the science side, which is very open to public researchers,” he said. “We need to segment those things apart from each other so that we can have a lot more interaction with our public data, and then protect more of our sensitive infrastructure sensitive data differently. That’s where we’re very excited about zero trust.”

Reduce complexity of tools

Witt said the micro segmentation will limit users’ access to networks or data based on pre-set authorizations. He said zero trust will give NASA a level of control it hadn’t had previously.

A big piece of the move to a zero trust architecture is to reduce the complexity of security tools and capabilities.

Davon Tyler, the chief information security officer at the U.S. Mint in the Treasury Department, said they are identifying certain segments of their architecture based on the zero trust maturity model from the Cybersecurity and Infrastructure Security Agency to prioritize.

“We are looking at high priority, high-profile assets and introducing more complexity to those environments so that we can actually move forward in our zero trust journey. It’s identifying where we are, and then looking at the story on how we’re going to get to zero trust without a specific application, and not necessarily holistically bringing everything to zero trust, but looking at those scenarios, and helping moving forward,” Tyler said. “I think the second part is, telework has exposed our machines so it’s always been something that we’ve had to strategize around. It’s a current asset and deploying technology around the asset so that we can better protect and defend.”

Tyler said the Mint is taking more of an employee-centric cybersecurity model with the data also near the center of the effort.

Steven Hernandez, the chief information security officer for the Department of Education, said that employee-centric and data-centric approach also is why agencies are accelerating their zero trust efforts. He said the remote working and mobile computing has expanded agency threat surfaces.

“Even before you deploy a bunch of awesome ZTA technologies, you have to sort out the questions around employee behavior and actions. It’s really back to the days of thinking about business process engineering because zero trust is going to bring incredible automation, incredible policy and trust engines that can make decisions, but they’re going to need to know what the rules of the game are,” he said. “If you don’t have those rules established before, you’re going to be making it up as you go along, and your artificial intelligence is going to be throwing wrenches all over the place and you may not have an idea as to why.”

Hernandez said implementing ZTA must not only include IT and cyber experts, but privacy, human capital and many others so these business processes are aligned and understood.

Big upswing in reverse engineering attacks

Phil Fuster, the vice president of federal sales at Proofpoint, said the people-centric approach aligned with the policy and privacy side becomes more important as the attack methods evolve. He said Proofpoint is seeing a big upswing in social reverse engineering attacks.

“The bad guys, the threat actors are targeting people with very specific campaigns based on maybe what privileges they think they have or what programs are assigned to you. They’re customizing the attack very specifically to that individual. We’ve seen that over and over. We’ve seen department heads being counterfeited and sent in phishing attacks so it looks like your boss is sending you an email or an SMS, and you have to respond to them right away,” Fuster said.

He added the use of counterfeit accounts through cloud services also is part of the attack vector.

“One of the things we’ve seen is about 98% of our customer base was attacked in some way by their supply chain, either by compromised users, malicious users, or just folks that were unaware,” Fuster said. “We also have seen supply chain issues arise around third party applications. A lot of our customers are asking us, can you risk or can you rate the supply chain for us based on their IP range and how much they’re being attacked? We have a trillion node network that looks at any IP and can give it some kind of a risk rating, based on how much they’re being attacked. But that’s a really important thing that a lot of our customers are looking for. They want to know what risk is being introduced when they can connect to a supplier we have a systems integrator that has over 7,000 suppliers, and they’re utilizing our risk scoring now to help rate their supply chain.”

Learning objectives:

  • Zero trust in a hybrid and remote work environment
  • Risk measurement
  • Addressing legacy systems

This program is sponsored by   

Complimentary Registration
Please register using the form on this page or call (202) 895-5023.

]]>
Information collection, sharing anchors large event preparation, management https://federalnewsnetwork.com/cme-event/federal-insights/preparing-for-large-scale-events/ Mon, 28 Mar 2022 15:55:35 +0000 https://federalnewsnetwork.com/?post_type=cme-event&p=3982619 Date: On Demand
Duration: 1 hour
Cost: 
No Fee

It’s clear that data and information are the keys to preparing and dealing with large scale events. Whether it’s a music festival or the Super Bowl federal, state and local agencies and private sector organizations are working together to prepare for those large scale events.

The preparation starts months, if not years, in advance, and includes tactical and operational strategy planning.

Chris Rodriguez, the director of the Washington DC Homeland Security and Emergency Management Agency, said large planned events, such as the Washington Capitals Stanley Cup winning parade in 2018, included fire, emergency management services, the Department of Transportation at the federal and state levels and dozens of others.

“You want to make sure that those relationships are built and they’re constantly reinforced and nurtured because when you come together, and you have sort of a city state jurisdiction, like the District of Columbia, where there’s 29 different law enforcement agencies, both at the federal and local level, you got to make sure that coordination is strong on unplanned events, like we just had the State of the Union event as a national special security event,” Rodriguez said during the panel discussion Preparing for Large-Scale Events sponsored by Dataminr. “From the Secret Service to the Capitol Police to the Park Police and across the federal government entities, we have great relationships with them. We do tabletop exercises and planning with them in terms of our security posture. We’ve got a good structure in place here. It’s been in place for decades, and we just continued to refine it over time.”

All of the panelists agreed that building and maintaining trust is central to the event’s safety and success.

Chief Benjamine “Carry” Huffman, the acting chief operating officer at U.S. Customs and Border Protection in the Homeland Security Department, said you can’t surge trust during events.

“One of the first things we have to address when we’re involved in is what authorities do we have to do this because that’s not that’s not normally what we are authorized to do. We’re usually asked to participate by another agency, for example, the Super Bowl that was designated as a level one series and the Secret Service had the overall lead for DHS, and so the support requests came from them,” Huffman said. “When it comes to actual strategy of protecting an event, it’s not unlike a lot of things we do a big amount of. For generally a large scale event like the Super Bowl, you got three key things you look at. You need an impedance and denial capability to know who gets in and you isn’t supposed to get in. You need to have situational awareness about what’s going on. That comes from electronic collection methods like cameras or intelligence collections, and you need your relationships because there’s no one agency that does it and you have to be able to cooperate, communicate and transmit data across those lines, which is key to making it successful.”

The situational awareness piece helps create that trust relationship. Federal, state, local agencies and the private sector must partner to collect and analyze data to create that situational awareness.

Jay Humphlett, the executive vice president for public sector at Dataminr, said establishing those formal lines of cross-agency communications is vital to ensure the best information is shared in real-time.

“How do we bring in all of the disparate publicly available information, data sources and how to do that at scale around the globe? We have started to bring in over 250,000 different datasets, and we’re able to look whether it was the trucker disruption up in Canada or the trucker convoy, we’re able to find those critical events,” Humphlett said. “Then, now that we have the information, we push those alerts out to the stakeholders in real time. That’s how we tried to help develop this common picture for all of the stakeholders in the area.”

He added artificial intelligence is key to helping organizations understand the information in real time – finding the needles in the haystack during critical events.

Christopher Paolino, the vice president of strategy and operational performance for the Metropolitan Washington Airports Authority, said they use data to understand how a certain event will impact travelers, airport operations and facilities and the roadways that serve the airports.

“There’s no way to restate planning is as early in advance and as comprehensively as possible, but it’s that flexibility to move our resources to respond to where they need to be when they need to be as we get better information about how conditions are changing,” he said. “The information that we can gather and is shared, as more and more intelligence comes in, is important. We can pre-position assets to the best of our ability. But then, from our standpoint, it’s an interoperability of those assets, how can we quickly move them back and forth, the airports aren’t terribly far apart from each other 26 miles in between the two. But we have to be able to communicate and coordinate across those two, but also that shared communication infrastructure to the region.”

Paolino added that shared communication infrastructure comes partly from the technology that underlies the region, but also from cross functional training that occurs annually.

Humphlett said public and private sector organizations should rely on current and historical data to help influence their situational awareness.

Huffman added the data and the trust relationships create the foundation and then ensuring there are clear operational requirements brings everything and everyone together.

“That’s always a piece that needs to be worked on. You can ask for that information, but it needs to be relevant to what you’re trying to do, and I think that helps do that quite a bit,” he said. “There’s a responsibility on the operator to describe what your collection requirements are, what you are looking for, what’s relevant to you and your mission set and what you’re trying to accomplish. Understanding that relationship is the key, and understanding those collection requirements is important to make sure you’re getting the right stuff.”

Learning objectives:

  • Considerations for planning for large-scale events
  • Evaluating data for event strategies
  • Utilizing mobile alerts and technology

This program is sponsored by   

Complimentary Registration
Please register using the form on this page or call (202) 895-5023.

]]>
The Federal Executive Forum’s Data Center and Cloud Optimization in Government https://federalnewsnetwork.com/cme-event/federal-executive-forum/the-federal-executive-forums-data-center-and-cloud-optimization-in-government/ Fri, 18 Mar 2022 17:18:06 +0000 https://federalnewsnetwork.com/?post_type=cme-event&p=3967153

Date: On demand
Duration: 1 hour
Cost: No Fee

Description

Data centers and cloud optimization is an important topic in government today. But what lessons have agencies learned to create more impactful optimization for the future?

During this webinar, you will learn how federal IT practitioners from the General Services Administration, Army Corps of Engineers, Department of Homeland Security, Cloudera, Quest Software and Snowflake are implementing strategies and initiatives around data center and cloud optimization.

The following experts will explore data center and cloud optimization, best practices and what it means to you:

  • Thomas Santucci, Director, Data Center & Cloud Optimization Initiative PMO, General Services Administration
  • Dovarius Peoples, Chief Information Officer, Army Corps of Engineers
  • Beth Cappello, Deputy Chief Information Officer, Department of Homeland Security
  • Rob Carey, President, Cloudera Government Solutions
  • Chris Roberts, Federal Technology Director, Quest Software Public Sector
  • Nicholas Speece, Chief Federal Technologist, Snowflake
  • Moderator: Luke McCormack, Host of the Federal Executive Forum

Panelists also will share lessons learned, challenges and solutions and a vision for the future.

Registration is complimentary. Please register using the form on this page or call (202) 895-5023.

]]>
The Federal Executive Forum’s IT Modernization in Government 2022 https://federalnewsnetwork.com/cme-event/federal-executive-forum/the-federal-executive-forums-it-modernization-in-government-2022/ Mon, 28 Feb 2022 21:44:44 +0000 https://federalnewsnetwork.com/?post_type=cme-event&p=3933797 Date: On Demand
Duration: 1 hour
Cost: No Fee

Description

In the federal government, it’s no longer a question as to whether to modernize, but instead how to modernize efficiently and effectively.

During this webinar, you will learn how federal IT practitioners from the U.S. Patent & Trademark Office, Internal Revenue Service and Department of Homeland Security are implementing strategies and initiatives around IT modernization.

The following experts will explore IT modernization strategies, best practices and what it means to you:

  • Jamie Holcombe, Chief Information Officer, U.S. Patent & Trademark Office
  • Nancy Sieger, Chief Information Officer, Internal Revenue Service
  • Soldenise Sejour, Chief Information Officer, Office of Intelligence & Analysis, Department of Homeland Security
  • Nicholas Speece, Chief Federal Technologist, Snowflake
  • Nick Psaki, Principal Technology Strategist, Pure Storage
  • John Harris, Executive Director, Federal Civilian, Verizon
  • Moderator: Luke McCormack, Host of the Federal Executive Forum

Panelists also will share lessons learned, challenges and solutions, and a vision for the future.

Registration is complimentary. Please register using the form on this page or call (202) 895-5023.

]]>
How data and APIs can bridge DoD’s modernization gap https://federalnewsnetwork.com/cme-event/federal-insights/updating-dods-military-health-it-systems/ Wed, 16 Feb 2022 19:08:17 +0000 https://federalnewsnetwork.com/?post_type=cme-event&p=3913848 Date: On demand
Duration: 1 hour
Cost: 
No Fee

The Defense Department and other government agencies are on a tear to modernize their IT systems. As networks from the 1980s and 1990s continue to age and become more vulnerable, the government is trying to bring IT into the 21st century by rolling out modernization strategies and inking large contracts to build new architectures.

One of the biggest issues is that agencies need to ride two horses at the same time to keep business going while also upgrading.

“We call this changing digital environment the Fourth Industrial Revolution,” said Michael Parker, vice president and business development executive at Salesforce, during the discussion “Updating DoD’s Health IT Systems,” sponsored by Mulesoft. “It takes leadership and innovation and the ability to build coalitions in an alliance around those business communities, to bring them together as a collective governing body to invest wisely in the technology, but then leverage that technology to the greatest extent practical.”

That’s the model departments like the Defense Health Agency (DHA) are taking to rid themselves of old, duplicative and costly IT systems. Parker said DHA is unique because it’s taking in many different IT systems from the military services, much like a large company might bring in smaller businesses.

“They’re merging those technologies into a single instance of that technology like they’re doing with the health care system that exists throughout DoD,” Parker said. “This manual processing across the business mission area, many duplicative, disjointed legacy systems that aren’t as responsive as senior leaders and individual service members would expect them to be.”

APIs may be one way to solve the problem of duct taping together systems until the gap is bridged to a new system, according Ravi Bahti, manager for solution engineering at Mulesoft.

“Traditionally, if we look at integration, it has been very project centric approach. Point to point integrations are created to take care of the project needs,” he said.

One resource is to infuse integration with APIs.

“That is what we call as API-led-connectivity or API-led-integration,” Bahti said. “Applications need data, business processes need data, and in order to make the right decisions, right data should be available at the right time.”

APIs help do that by repurposing hard-to-reach data.

“Getting data from the authoritative data sources, in a very secure and governed way is the most tedious, difficult job,” Bahti said. API platforms provide all the necessary capabilities to create APIs on top of those authoritative data sources. Once these API’s are created, they become reusable building blocks.”

While using that data, agencies also need to be careful in making sure it is accessed safely and securely.

Jennifer Luong, a strategic security architect at Mulesoft, said zero trust is one of the best ways to ensure data going to APIs remains safe.

“It’s important to note that the security is a shared security responsibility between the product which enables the application of the security and the organization to implement and define their strategy in accordance with their policy and risk tolerance,” she said.

Learning objectives:

  • Defense Health Agency Overview
  • Cybersecurity at the Defense Health Agency
  • Key Transformational Challenges for DoD
  • API Integration into Systems

This program is sponsored by   

Complimentary Registration
Please register using the form on this page or call (202) 895-5023.

]]>
Take Control of Privileged Access Before Attackers Do https://federalnewsnetwork.com/cme-event/federal-insights/take-control-of-privileged-access-before-attackers-do/ Fri, 11 Feb 2022 18:51:59 +0000 https://federalnewsnetwork.com/?post_type=cme-event&p=3905657 Date: On Demand
Duration: 1 hour

Description

The final version of the Biden administration’s zero trust strategy debuted in late January.

As federal Chief Information Security Officer Chris DeRusha said after it came out, the strategy is a starting point.

While the journey will be long and hard, DeRusha and other administration leadership believe the strategy gives agencies a common approach that is just prescriptive enough to move agencies toward a common set of goals.

At the center of the zero trust strategy is identity and access management (IDAM).

While IDAM is far from a new cyber protection, OMB believes improving identity and access management as part of a zero trust environment is a way to quick way to improve system and data security and make agencies more resilient.

Of course, there is more to zero trust than just identity and access management. The Cybersecurity and Infrastructure Security Agency (CISA) maturity model details four other pillars, and then there is the integration among systems. The complexity will only grow as agencies add operational technology (OT) to the mix of what they have to protect.

“Agencies are starting to look at what they have in their environments, doing assessments and looking at things that that they have and that are inherent in their current architectures and capabilities. They also are looking at those gaps,” said John Simms, a senior technology advisor for the Office of the Chief Technology Officer at the Cybersecurity and Infrastructure Security Agency, during the panel discussion Take Control of Privileged Access Before Attackers Do. “They’re starting to look at how they’re going to transition from their traditional architectures to those of zero trust. I know the continuous diagnostics and mitigation (CDM) plays a huge part in that role in terms of like the sensoring of the networks and what have you. So I think that’s some of those preliminary steps that we’re seeing in terms of where the agencies are at today, and where they’re where they’re headed next couple of weeks.”

OMB made it clear in the strategy that agencies will move toward zero trust at their own pace based on their current capabilities and how quickly they can fill their gaps.

Gerald Caron, the chief information officer for the Office of the Inspector General at the Department of Health and Human Services, said he is conducting an inventory of cyber tools and capabilities. Caron said he is using a straight-forward red, yellow and green grading system based on the capabilities outlined in the CISA maturity model.

Caron said one area of focus is trying to apply a dynamic risk scoring approach to privileged user accounts.

“It’s basically what will tell the policy engine, when you look at NIST 800-207 for what needs to be done, it’s based on your risk tolerances. So all those users, privileged users, normal users, power users, whatever types of user categories you have, they all have different levels of risk, I would say those privileged users have a very high level of risk, as a result of what they have access to,” he said. “When we talk about identity, and we talk about access and authentication, it can’t be a one-time linear event. It has to be ongoing and evaluated all the time because there’s factors that can change at any time. We’ve got to be able to measure those and based off whatever your threshold is take the appropriate action. That has to be ongoing authentication, ongoing access in my mind.”

Gary Buchanan, the director of the cybersecurity office and chief information security officer at the National Geospatial Intelligence Agency, said zero trust is not a new concept for the intelligence community.

“We already have some robust capabilities, like multi-factor authentication, which is nothing new to us, encryption of data-at-rest, and in transit. But there are some different tenants with the zero trust specific implementation that we’re going to look at from that lens again,” he said. “That different lens is about how we’re going to look at how our systems that are connected, how users are accessing the data, how we’re tagging the data. If we assume that we’ve already been breached, then how do we ensure the least amount of damage that can be caused by a potential insider or someone that is outside of our organization?”

Sean Connelly, the TIC program manager at the Cybersecurity and Infrastructure Security Agency, said the long term vision for zero trust is to make it harder for attackers to move laterally across networks and limit agency exposure.

He said agencies through the CDM program agencies focused on the who and the what, and now they are trying to answer the harder question of why.

“That’s a difficult question to answer, the why? It’s that context with what they are doing with the access, I think, is where we’re going to see a lot of focus,” Connelly said. “I think that’s reflected in the strategy, which mentions about building out new data sources to leverage as we build out the new ICAM solutions.”

Josh Brodbent the regional vice president for public sector solutions engineering at Beyond Trust, said agencies need to understand what data they have and where the data is located in order to better the context around why a user needs access to specific data.

He said these concepts become even more important as zero trusts crosses between IT and OT.

“We take a look at those IoT devices and the hardware that ends up on the networks, the conversation around zero trust that I tend to have really revolves around this concept that these are now all devices that have authorization authentication on your network. So as we have these devices that exist, and they converge into our IT networks, into our identity stores, into everything that we have, so we have to step back and continue that zero trust conversation around these devices,” Brodbent said. “How do we make sure that they stay isolated? How do we essentially manage their identities and make sure that they actually have only the access that they need, which in this case, usually is just some form of internet access so that they can continue to be monitored?”

Learning objectives:

  • The Current Zero Trust Environment
  • Identity and Access Management
  • Factoring Zero Trust into IoT

This program is sponsored by   

Complimentary Registration
Please register using the form on this page or call (202) 895-5023.

]]>
The Federal Executive Forum’s Cybersecurity Strategies/Defense & Homeland https://federalnewsnetwork.com/cme-event/federal-executive-forum/the-federal-executive-forums-cybersecurity-strategies-defense-homeland/ Tue, 25 Jan 2022 14:31:31 +0000 https://federalnewsnetwork.com/?post_type=cme-event&p=3868509

Date: On demand
Duration: 1 hour
Cost: No Fee

Description
The dramatic change in workforce and service delivery has posed unique challenges to keep our nation secure. How are defense and homeland agencies training their workforce to accommodate evolving technologies?

During this webinar, you will learn how top defense and homeland IT security officials from the U.S. Army Cyber Command and Cybersecurity and Infrastructure Security Agency are implementing strategies and initiatives around cybersecurity.

The following experts will explore cybersecurity strategies, best practices and what it means to you:

  • Ron Pontius, Deputy to the Commander, U.S. Army Cyber Command
  • Robert Costello, Chief Information Officer, Cybersecurity and Infrastructure Security Agency
  • Mark Sincevich, Federal Director, Illumio
  • Jim Richberg, Field CISO, Public Sector, Fortinet
  • David Cerjan, Managing Director, National Security Group, Verizon
  • Moderator: Luke McCormack, Host of the Federal Executive Forum

Panelists also will share lessons learned, challenges and solutions, and a vision for the future.

Registration is complimentary. Please register using the form on this page or call (202) 895-5023.

 

]]>
A cyber attack at the Patent Office led to increased eyes on supply chain risk https://federalnewsnetwork.com/cme-event/federal-insights/securing-the-governments-digital-supply-chains/ Thu, 20 Jan 2022 15:20:58 +0000 https://federalnewsnetwork.com/?post_type=cme-event&p=3860674 Date: On demand
Duration: 1 hour
Cost: 
No Fee

Many people think of cybersecurity as threats coming from the outside, but with the government relying on private companies to provide hardware and software, the very tools that agencies use could be a threat within themselves.

Supply chain issues are wracking the nation, but the government is also thinking about its supply chain in terms of what companies are providing goods and services.

The U.S. Patent Office is one organization that pay particularly close attention to supply chain issues in order to keep clients proprietary information safe. Just recently, the Patent Office found a zero day vulnerability in one of its logging libraries, according to Stephan Mitchev, director of the Office of Application Engineering and Development and acting chief technology officer at the Patent Office.

That infiltration caused the office to look harder at its supply chain to see what could have been infected.

“Through observability and automation we’re able to look through all of our dependencies and all of our supply chain of libraries, and figure out precisely what the impacts are, and are being addressed,” Mitchev said as part of the discussion Securing the Government’s Digital Supply Chain sponsored by Sonatype. “You have to question you have to question everything that’s really the key of being secure and really smart in this world is really ask questions.”

Mitchev said the first thing he considers when working with a company is if that business is FedRAMP approved. FedRAMP is a government-wide authorization process that continuously monitors cloud products and other services.

“What we’re trying to do is ensure that companies are well funded, they have mature software, used by other agencies and other public companies in the private sector and it’s mutually validated,” Mitchev said. “We have seen as an industry, the benefit of using that kind of software and the upside of it. It’s really important, obviously, being a FedRAMP authorized company that your products are already developed within operated within the United States in an infrastructure that is secure, and you have a minimum set of security controls that that you maintain, and you have made the investments in actually doing that. We know the companies are taking security seriously.”

One idea that has been bantered about is requiring companies to provide an itemized list of the products and companies they use and work with to create a product.

Mitchev said something like that could be helpful to the Patent Office, but there may be better options as well.

“Any additional information that that enhances our supply chain security view is always welcome,” he said. “I’m a great open source supporter, I really believe in it. And while we using that, we using it a lot, we also ensure that all that software is also independently tested for all the software products that we would like to utilize to increase our security awareness and capabilities. Those products have to undergo security testing. It could be an itemized list. But it also could be working with an agency that has already done this with a company and we can share this information so we can review that that as well. That it’s actually even better. That way we don’t need to ask every company to provide that lists across we can actually centralize that. I think that may be maybe one of the good ways to expedite the adoption of those kinds of apps.”

Learning objectives:

  • Automation at USPTO
  • The Cybersecurity Workforce
    This program is sponsored by 

Complimentary Registration
Please register using the form on this page or call (202) 895-5023.

]]>
The evolution of identity, access management underpins the future of zero trust https://federalnewsnetwork.com/cme-event/federal-insights/what-role-does-identity-play-in-zero-trust/ Tue, 18 Jan 2022 19:28:43 +0000 https://federalnewsnetwork.com/?post_type=cme-event&p=3810030 Date: On Demand
Duration: 1 hour
Cost: 
No Fee

Two things have become abundantly clear over the few years. The first is zero trust is more than a buzzword as more and more public and private sector organizations move toward this mindset. Second, identity and access management is not only back in vogue, but it’s a key foundational piece to moving toward the end goal of a zero trust environment.

Agencies have been trying to tighten up identity and access management (IDAM) for the better part of 15 years. Departments made significant progress after the breach suffered by the Office of Personnel Management in 2015. But it wasn’t until the pandemic did the value and need for more advanced IDAM capabilities become more obvious.

It’s clear that agencies need to rethink their approach to identity and access management as part of their IT modernization strategy. The role-based, least privileged and just-in-time access is the future for many organizations as applications and workloads move to the cloud and work in more of a DevSecOps ecosystem.

Their goal will be to bring all of new and existing technologies together to ensure the citizen or employees’ experience is secure and effortless.

James Saunders, the senior advisor for cybersecurity at the Office of Personnel Management, said the move to zero trust actually begins with their move to the cloud.

“We’re now heavily leveraging the cloud, with the Cybersecurity and Infrastructure Security Agency’s draft zero trust maturity model and OMB’s draft memo. We are using that to actually draft our zero trust strategy and what we’re doing for each of the pillars identified in the maturity model: data, identity, device, network and application,” Saunders said during the panel discussion What role does identity play in zero trust? “We have a set of projects that help us move toward that optimum maturity model set forth by CISA. For example with data, one of the things that it call us for is to have a data inventory and a data classification scheme. So we are partnering with our privacy team and our chief data officer team to figure out what solution, what processes and what people we will need to bring in to really help us accelerate and address that particular one pillar. Those same conversations are happening across all the zero trust pillars through our zero trust governance team.”

The OPM mission owners also are part of the zero trust governance teams to represent their needs and requirements as they modernize.

Dorothy Aronson, the chief information officer at the National Science Foundation, said at her agency, zero trust underpins a host of other efforts around improve customer experience, modernizing the infrastructure and converging disparate and older systems.

“We don’t talk necessarily about zero trust, but we’ll talk about something that might impact them, for example, two-factor authentication is going to be required from here on. Our customers aren’t interested in necessarily whether there’s an OMB mandate to do that or not, they just want to do their work. We have been integrating the zero trust approach as we modernize everything else, it’s all one single integrated approach,” she said. “With zero trust, what we’re doing is really liberating. It’s the opposite of zero trust in my mind, which means there is no longer a central data center, there is no longer a single wall protecting everything. It’s rather you tell us who you are, and we give you what you need. So you can move outside of this small town, you can be wherever you want to be, as long as we know for sure who you are, that’s where this identity piece is absolutely critical.”

Kelvin Brewer, the senior manager for public sector presales at ForgeRock, said OPM, NSF and so many public sector agencies are considering they can change their foundational framework to truly create a security perimeter.

“What we’re all trying to do with zero trust is we’re trying to standardize how we address the trust but verify model, and bring in some of the newer technologies and around identity, which is really now the new security perimeter,” he said. “It’s not a tall wall. It’s a pretty short wall, and it’s about the individual per person. But it’s still that identity is the new security perimeter. That’s where a lot of the groups that we’re working with are looking first at how do we truly create a security perimeter out of our identities. That’s the steps that seem to be the first effort in accomplishing zero trust out of all the pillars.”

Brewer said while each organization is taking a different approach to implement zero trust concepts, there are some similarities like simplifying their architectures and creating a seamless integration among applications.

Tim Li, the cyber strategy leader for the government and public services practice at Deloitte, said agencies need to understand their zero trust uses cases as they create their roadmaps.

“Identity continues to stress new use cases. The pandemic drove digital transformation efforts and new citizen services. I look at citizens and the interaction of citizens with government and how that has changed operating ecosystems, I think that is something to think about as some of the news cases across the board,” Li said. “Some of these things didn’t exist in terms of interactions that we had before. Some of the ecosystems that we have today as well didn’t exist before, as I think about extended supply chains and some of the third party relationships all have evolved, which has necessitated us to rethink some of what these use cases might look like.”

Learning objectives:

  • Current Zero Trust Strategies
  • The Impact of Cloud on Zero Trust
  • Identity and Access Management

This program is sponsored by   

Complimentary Registration
Please register using the form on this page or call (202) 895-5023.

]]>
Coast Guard prepares for cyber incidents by focusing on ‘people, process and technology’ https://federalnewsnetwork.com/cme-event/federal-insights/ciso-handbook/ Tue, 18 Jan 2022 17:13:09 +0000 https://federalnewsnetwork.com/?post_type=cme-event&p=3856280 Date: On demand
Duration: 1 hour
Cost: 
No Fee

The Coast Guard’s strategy for defending its networks doesn’t just rely on technology. At a time when many employees are working from home, the Coast Guard also puts a heavy emphasis on training its people and having good security processes in place from the start, according to Capt. John Henry, operations officer at Coast Guard Cyber Command.

Technology has its place, too. Henry says automation is making it easier to respond to incidents by automatically securing artifacts and other forensics. The Coast Guard aims to detect and understand cyber attacks quickly, so it can share that information internally, with other agencies, and with its partners in the Marine Transportation System.

“We actually focus on keeping the network safe through people, process and technology. Having our people trained on good cyber hygiene habits at home, making sure that they don’t click on those malicious phishing links, or that they don’t visit websites that may drop malware onto their computer. Having the processes in place that enable our workforce to use remote technology, whether it’s VPN or it’s another way for them to check their email from home.”  – Capt. John Henry, Operations Officer, Coast Guard Cyber Command.

“Automation is a strong look into the future. So that you don’t always have to have a person right there when an incident happens so that they can secure the necessary artifacts or the forensics, to find out what happened and why.” Capt. Henry

“It’s super important to understand not just the technology or not just your network, but the environment of breaches and the history of breaches. Because while the code itself might be unique, a lot of the times, it’s the same thing just repackaged in new ways. And if you understand what has come before, it better prepares you to plan for what’s next.” – Justin Tolman, cyber forensics subject matter expert, Exterro.

Learning objectives:

  • Coast Guard Cyber Command Overview
  • Cyber Incident Response

This program is sponsored by   

Complimentary Registration
Please register using the form on this page or call (202) 895-5023.

]]>
Agencies need to work smarter, not harder to close cyber vulnerabilities https://federalnewsnetwork.com/cme-event/ask-the-cio/ask-the-cio-cybersecurity-and-infrastructure-security-agency/ Thu, 13 Jan 2022 14:41:57 +0000 https://federalnewsnetwork.com/?post_type=cme-event&p=3847450 Date: On demand
Duration: 1 hour
Cost: 
No Fee

The latest cyber order from the Cybersecurity and Infrastructure Security Agency isn’t just about fixing known problems in networks and systems.

It’s about giving agencies and industry intelligence to make stopping or limiting hackers’ ability to be successful in a more efficient way.

Michael Duffy, an associate director at the Cybersecurity and Infrastructure Security Agency in the Homeland Security Department, said agencies should view the Binding Operational Directive from November as a way to become better cyber defenders.

“This wasn’t intended to stop the firefight. It was really meant to be a better way that CISA and agencies are fighting fires, and in a smarter, more effective way,” Duffy said on Ask the CIO. “Underlying the core value add that we were looking to present with this directive is the known exploited vulnerabilities catalog — the first of its kind across government and the first of any type of a dynamic list that CISA has presented transparently and open to the public, not just the federal sector. So anyone who wants to be part of this effort to focus on the right things to buy down risk can be.”

Through the November BOD, CISA is asking agencies to do two things. First, the directive gives agencies two weeks to address 90 exploits identified in 2021. Second, it gave agencies six months to address about 200 exploits identified between 2017 and 2020.

Agencies also have two months to review and update their internal vulnerability management procedures in accordance with the new directive. CISA told agencies to “automate data exchange and report their respective directive implementation status” through the continuous diagnostics and mitigation (CDM) dashboard.

CISA has been adding vulnerabilities to the catalog regularly. Between November and December it added 24 new ones and added 15 more since Jan. 1.

Buying down cyber risk

Duffy said the goal of the catalog is to help agencies manage the volume and severity of the vulnerabilities.

“This is really meant to be a six-month effort to sprint toward buying down that risk. That’s the first step. The second moving forward is how this changes the game. We don’t want to have 20 emergency directives every year. We want to refer to one strategic directive BOD-2201, to say, ‘when you’re seeing these updates immediately take action within these two weeks.’ That’s traditionally what we’ve asked for in emergency directives. So this really just scales and makes notable our expectations on agencies,” he said. “The last two actions that are often seen as kind of administrative or managerial, and really, really important for what it means to sustain this effort as a government. The third is really to make sure that agencies are sharing information with each other and DHS as they’re finding challenges and understanding the barriers that they have to patch quickly. That’s something that goes beyond just reporting. It’s really how the government is making sense of these long standing common challenges that we’re seeing, and finding ways that we’re able to tackle them really as a community and not just as a one off. The last is enhancing your own internal procedures to do vulnerability management. That one kind of sounds like an on-the-side type of task. But this is really, really important because it gives agencies a chance to take a look at their current state, identify the best practices, maybe they have heard from CISA or agencies as we’re taking these actions and build up the next phase, the more enhanced procedure that really incorporates this new mindset, this shift in the way that we’re managing vulnerabilities across the federal space.”

Over the last few months, CISA has started to see that change in how agencies are managing their vulnerabilities.

Duffy said this change is happening both from cultural and technology perspectives.

“To really help agencies implement these directives, we want agencies to have them as top priorities so we really put our team to the frontline to make sure that we’re supporting them. We are doing everything from interagency communications, meeting with the Federal CIO Council, the Federal CISO Council, to holding office hours, which is a fairly new thing. Since the start of the remote work environment, we hold weekly office hours after directives are issued where we can answer questions. It’s just kind of a more informal chat between technical teams. It’s gone very well for us and allows that kind of sharing across agencies,” Duffy said. “The other things that we’re doing for the binding operational directive is really going out to individual agencies, seeing what their current posture is when it comes to patch and vulnerability management and providing direct technical assistance where needed as they’re finding those. I like to call it the final mile or the last 3%. If we can’t patch these for these reasons, like it’s legacy technology and so we need to put in a Technology Modernization Fund proposal just to do this, those are really important discussions that we’re having across the interagency and gives us that sense of what agencies actually need from us both in services or support or assistance.”

Finding a common solution

In those meetings with agency technical teams, CISA is relying on the CDM dashboard to pinpoint areas that need extra attention.

He also said the office hours help CISA identify pain points, approaches that may not be working well or potential exceptions to the BOD.

“They’re also giving a hint to our CISA team about the types of things that might be the next strategic directive,” Duffy said. “If we hear from dozens of agencies that a certain technology or a certain approach they’re taking just isn’t working, it’s something that we really want to take to heart and find a better way to present a common-to-many solution. I think that’s a really important tool.

Under CDM, a key feature has been helping agencies know what devices are on their network and then using the dashboard to track the status of those devices. Last fall, CISA released a request for information to push CDM one step further and bring in end point detection and response capabilities.

Duffy said as part of the BOD’s implementation, CISA is making a final push to complete the initial implementation of CDM capabilities, including vulnerability management and asset management.

“We are going back to make sure that agencies are 100% deployed with these capabilities and the data is fully integrated to the dashboards so that they can leverage those tools to not only identify what needs to be patched and identify vulnerabilities on their networks, but also make sure that they’re taking all steps they can with technology to apply patches quickly,” he said. “That really does help an agency address the hundreds of vulnerabilities in the catalog, possibly add automation and make sure they have the right technical expertise. All of that is really critical at this point.”

Duffy said through the CDM dashboard is how CISA also will hold agencies accountable for meeting the goals of the BOD.

He said agencies must report the status of patching vulnerabilities as part of the reporting process under the Federal Information Security Management Act (FISMA).

“We are making sure that as agencies are taking the time to account for their current state, providing it into a mechanism and an approach that they are already used to. It’s not a new reporting regime. It’s not a new channel. It’s something that we’ll collect centrally for the time being, so that agencies can give us a sense of where they are. We can dig a little bit deeper into making sure that they’ve truly addressed all of these critical vulnerabilities,” he said. “I will note that I say for the time being because back to CDM, it can’t continue to be a manual process. I don’t want to see any agency CIOs having one list for their own assets and devices, another list with CISA known exploit vulnerabilities and manually comparing the two. Industry partners are playing a huge role and feeding this into their products. The CDM program is ensuring the dashboard is fully integrated, or even have a view that agencies can have to really understand where they are in this specific directive. And that all matters. We are already seeing that at a good number of agencies right now that have that at their fingertips as we speak. But we have to provide that alternative reporting, while we’re waiting for 100% across all agencies.”

Learning objectives:

  • Binding Operational Directive 22-01 Overview
  • Implementation for BOD 22-01 for Agencies
  • The Prioritization of Patching Vulnerabilities
  • EDR Capabilities Request

This program is sponsored by   

Complimentary Registration
Please register using the form on this page or call (202) 895-5023.

]]>
Agencies must use identity as a foundational element to zero trust https://federalnewsnetwork.com/cme-event/federal-insights/the-evolution-of-icam-strategy-in-a-hybrid-world/ Fri, 17 Dec 2021 20:39:18 +0000 https://federalnewsnetwork.com/?post_type=cme-event&p=3812193 Date: On demand
Duration: 1 hour
Cost: 
No Fee

Agencies have been on an identity management journey since the late 1990s.

From efforts like the federal PKI bridge to e-authentication to PIV and CAC to biometrics and derived credentials, agencies have spent the last two decades trying to solve the identity and access management challenge.

So 17 years after the Office of Management and Budget issued Homeland Security Presidential Directive-12 (HSPD-12), which mandated the use of smart identity cards, agencies continue to rely on these token-based cards, but they also may be standing in the way of the future.

The future of identity and access management includes no longer relying on authentication methods that solely use VPN technology. They must include newer approaches to authentication and validation that rely on cloud and other technologies.

This renewed focus on identity and access management isn’t by accident. ICAM is a key foundational piece of the Biden administration’s push toward zero trust.

Agencies also are learning that the application of zero trust isn’t just about people, but devices, endpoints and everything in between.

As agencies modernize their identity and access management as part of their zero trust journey, they must also keep their true end goal in mind–improving citizen services and mission effectiveness.

André Mendes, the chief information officer of the Department of Commerce, said he is consolidating 13 separate identity and access management systems across the agency.

“Some of them already on the right on the route to zero trust architecture, others not so far along, so one of the first initiatives that I brought to the table was to create one item solution for the entire department that would leverage the strengths of the solution deployed by one of our bureaus, NOAA, and then would allow us to have an integrated system that would be easier to maintain,” Mendes said during the panel discussion the Evolution of ICAM Strategy in a Hybrid World. “The concentration of efforts into one solution would allow us to have a higher, lowest common denominator across the entire department. Fortunately, all of the bureau CIOs were agreeable to that.”

The Energy Department is taking advantage of the risk-based approach the National Institute of Standards and Technology ushered in with special publication 800-63, which lets agencies move away from the old “one-size fits all” approach to identity and access management.

“With zero trust, we know it’s well beyond people, it’s devices, it’s data, so this is actually a fun time that a lot of us have built the foundation, if you will, and it’s kind of exciting now that we’re extending this past the traditional people based I can’t programs,” Ken Calabrese, the program manager for the ICAM program in the Office of the Energy Department’s chief information officer. “One of the things that we’re working on right now, and I would stress is another critical thing that we all have to do, is privileged access management. When we were on site, and everything was within the domain of the local area network, separating privileged from standard users was desirable. In our world now, in particular, with going to cloud computing, separation of privilege from standard users is critically important. So we’re beginning to take a serious look at how we will implement that throughout the department.”

Aubrey Turner, an executive advisor for Ping Identity, said Energy and Commerce’s move to consolidate and improve identity and access management is the key foundational element to zero trust.

“How do you get to zero trust without identity? I don’t know of a way that you get there. And if you’re saying how do you get to least privilege without identity and least privilege as part of zero trust, there’s just no way to get there without identity,” he said. “Essentially, at some point, all identities will be treated as either known or unknown, depending on which side of that coin you want to play on. You’re basically treating an identity as something that you have to verify.”

Sean McIntrye, the director of solution delivery for the Office of the Chief Information Officer at the Federal Aviation Administration, said his agency is looking at identity as the new perimeter for security.

“We want to collapse our perimeters. We’re going to rely on the identity piece of it. Micro services for us is a big deal because we’ve got a whole lot of applications that we need to develop that are custom developed for many different reasons, but also our move into the cloud to take advantage of the cloud services that are out there, we have to be able to marry it all into the same solution,” he said. “Identity is the first pillar of the DHS playbook for a reason. It just sets the stage for everything else.”

Jeremy Grant, the managing director of the technology business strategy at Venable and the former director of the National Strategy for Trusted Identities in Cyberspace at NIST, said the big reason identity and zero trust are getting so much more attention today is the way federal network and system architectures have evolved.

“Whether it’s cloud, whether it’s mobile as some of us are in real office and some of us are in home offices right now, identity is the one common denominator that you can use as a protection layer to actually figure out who’s actually trying to come into my systems, and what are they trying to do,” Grant said. “Is it who they say they are, or is it the proverbial dog on the internet? I think with zero trust, it really is an identity centric approach to security. There’s a lot of different definitions out there, but to me, it was when Google first talked about it publicly with their Beyond Core initiative about six years ago, where it said they were not going to try to build firewalls or perimeters anymore because we think that anything we keep in a corporate intranet is going to be just as vulnerable as what’s out there on the plain old fashioned internet. So let’s just put all our data out there in old fashioned internet but encrypt it. Then if you want to access it, it’s really tied to identity.”

Learning objectives:

  • The Evolution of ICAM Strategy
  • Zero Trust and ICAM Strategy
  • Balancing ICAM with a Broad Base of Customers

This program is sponsored by   

Complimentary Registration
Please register using the form on this page or call (202) 895-5023.

]]>