CyberThreats 2025 - Beyond Zero Trust - Building Federal Cyber Resilience - Day One


This event qualifies for .2 CEUs

This event qualifies for 2 CPEs

This event qualifies for 2 CLPs


The federal government has invested almost four years to move all its systems and networks to a least permissive access architecture, based on the concept of “never trust, always verify.” This has significantly improved cybersecurity, but it’s a moving target – bad actors, whether cyber criminals or hostile nation-states, keep evolving their tools and tactics, seeking new vectors they can penetrate.

 

To constantly improve an agency’s risk profile, security professionals must pay attention to trends both in cyber attacks and in new defensive measures. For instance, hackers are using AI to help their social engineering efforts, ferreting out and stealing legitimate login credentials.

 

Learning Objectives:

  • Review the five pillars of trust and which pillars are the hardest to address with legacy or siloed systems
  • Apply the concept of “least privilege” to your agency’s implementation of a least permissive architecture to determine feasibility
  • Outline the range of analytics that can be used to understand your agency’s entire cybersecurity environment and response profile

Speaker and Presenter Information

Hosted By:

Claudia Hosky, Publisher, FedInsider

Claudia Hosky
Publisher,
FedInsider

 

John Breeden II, Moderator & Contributing Editor, FedInsider

John Breeden II
Contributing Editor,
FedInsider

 

Session One: Rethinking Least Permissive Architectures
The federal push to implement zero trust architectures across all agencies is built on five pillars – identity, devices, networks, applications and workloads, and data. These work well, but do not address one of the government’s ongoing issues: the existence of technology silos, where – whether because of outdated, legacy systems or capture by proprietary tech – that make achieving least permissive much more difficult. This is where the concept of “least privilege” comes in.

Larry Fuller, Senior Scientific Technical Manager for Cybersecurity, Naval Information Warfare Center (NIWC)

Larry Fuller
Sr. Scientific Technical Manager, Cybersecurity,
Naval Information Warfare Center (NIWC)

 

Session Two: Identity, Access & Micro-segmentation
Identity is central to zero trust, but it also can be a fluid concept; users can be identified by their job titles, the tasks they’re assigned, the work groups – both within and across disciplines – they contribute to, to name a few examples. A user might require access to a particular application in one role, for instance, but have no need for access when working in another of their roles. Utilizing micro-segmentation – dividing networks into smaller segments that can be isolated, often at the individual workload level – can mitigate threats from users that legitimately have access to one part of a system but should not be able to move laterally to other parts of that system.

 

Session Three: Building Cross-Pillar Capabilities
Integrating security across the five pillars of zero trust architectures means ensuring visibility across all of them, and analytical tools that can take the information to present a unified picture. To accomplish that requires both automation – to ensure that cybersecurity is consistent and up-to-date – and orchestration that ensures all the pillars are attended to in a timely manner. These measures also apply to governance, such as the application of required regulations and reporting.

David Bottom, Chief Information Officer, Securities & Exchange Commission

David Bottom
Chief Information Officer,
Securities & Exchange Commission

Relevant Government Agencies

Air Force, Army, Navy & Marine Corps, Intelligence Agencies, DOD & Military, Office of the President (includes OMB), Dept of Agriculture, Dept of Commerce, Dept of Education, Dept of Energy, Dept of Health & Human Services, Dept of Homeland Security, Dept of Housing & Urban Development, Dept of the Interior, Dept of Justice, Dept of Labor, Dept of State, Dept of Transportation, Dept of Treasury, Dept of Veterans Affairs, EPA, GSA, USPS, SSA, NASA, Other Federal Agencies, Legislative Agencies (GAO, GPO, LOC, etc.), Judicial Branch Agencies, State Government, County Government, City Government, Municipal Government, CIA, FEMA, Office of Personnel Management, Coast Guard, National Institutes of Health, FAA, Census Bureau, USAID, National Guard Association, EEOC, Federal Government, State & Local Government, FDA, Foreign Governments/Agencies, NSA, FCC

Members who viewed this event also viewed:


Register as Attendee


Add to Calendar


Event Type
Webcast


This event has no exhibitor/sponsor opportunities


When
Wed, May 28, 2025, 1:00pm - 3:00pm ET


Cost
Complimentary:    $ 0.00


Website
Click here to visit event website


Event Sponsors


Organizer
FedInsider


Contact Event Organizer



Return to search results