CyberCast

With a region spanning Northeast Africa, Middle East and Central and South Asia, CENTCOM is preparing for the Defense Department's JADC2 effort to better connect data capacities around the world. DISA Central Field Command's Tania Wilkes shares some of her top cyber challenges and how she believes cyber education will make or break cybersecurity for military operations. Expect to hear about satellite communications, 5G security, zero trust and more in this episode.

Faced with increased threats from ransomware, the health care industry is growing its security priorities with technology and data. Dr. Kevin Fu, acting director of medical device cybersecurity at the Food and Drug Administration's Center for Devices and Radiological Health, discusses FDA's recently updated draft of its premarket cybersecurity guidance and how medical device developers can leverage capabilities like threat modeling to drive a proactive approach to cybersecurity.

A new Zero Trust Portfolio Management Office is putting the Defense Department on track to improve its overall cybersecurity posture. While this will be a major task for DOD, a zero-trust roadmap will ensure the proper training and workforce are in place for greater interoperability across the entire department. The portfolio management office will also help accelerate the adoption of zero trust throughout DOD and make it an embedded way of life. DOD's Principal Deputy CIO for Cybersecurity Mark Hakun talks about culture change and the integration of zero trust, the challenges the department is facing and the capabilities DOD hopes to deliver later this year.

The Cybersecurity and Infrastructure Security Agency promotes a variety of best practices and resources across the cyber space, and the software bill of materials — otherwise known as SBOM — is a rising area of importance. We speak with one of CISA's top promoters of SBOM development at the 2022 RSA Conference to dive into the different components of SBOM development, the benefits SBOMs bring to your security posture and how you can work on developing your own SBOMs today.

The Defense Department's Cyber Crime Center (DC3) is a federal cyber center and serves as a center of excellence for digital and multimedia forensics. Its training academy also trains thousands of DOD personnel every year. Acting Executive Director Joshua Black, a longstanding cyber expert, discusses the ransomware trends and threats facing the Defense Industrial Base in this kickoff episode in CyberCast's Ransomware Miniseries.

Army Software Factory CISO Angel Phaneuf discusses how she's working to foster zero trust interoperability and a healthy cyber culture throughout the Defense Department. She also tells the story of how Army Software Factory discovered the Log3j vulnerability and mitigated it in only 24 hours.

GovCIO Media & Research returned to in-person events on Thursday with Infrastructure: Cloud Modernization. Our senior researchers are joined by staff writer Adam Patterson to break down top takeaways from the event, including critical approaches to cloud implementation, the role of the user in cybersecurity, data literacy and more. Featured perspectives include leadership from DISA, GAO, VA, GSA, U.S. Army and more.

Hear from Col. Ken Kuebler about the importance of modular, open-systems architecture and his top cybersecurity and IT modernization challenges for the Fixed Wing program office at USSOCOM.

USSOCOM Networks and Services COO Col. Joe Pishock sits down with GovCIO Media & Research to discuss the importance of commercial cloud-hosted collaboration tools for network modernization and the cybersecurity challenges, such as overclassification, that hinder successful implementation.

AFCEA TechNet Cyber 2022 marks another return to in-person events, and Senior Researcher Kate Macri is here to discuss top takeaways and themes from the conference. Topics include ICAM solutions, zero trust, cyber operations and what it's like to be in-person again after two years of online panels.

The U.S. Air Force's BESPIN software factory provides mobile application development as a service to airmen, but mobile technologies are notoriously difficult to secure. BESPIN CISO David Cantrell discusses the cyber challenges he faces and why he has a love-hate relationship with tools like software bills of materials (SBOMs).

U.S. Air Force software factory Kessel Run relies on a unique blend of tech tools to address new cyber threats. This includes DevSecOps, APIs and even something called "chaos engineering." Hear from Kessel Run Chaos and Performance Tech Lead Omar Marrero about how the organization quickly identifies and remediates threats to Air Force weapons systems.

The 16th Air Force is responsible for all Air Force networks for warfighting, and is the combatant command responsible for all of the Air Force's offensive and defensive cyber operations. Deputy Commander Brig. Gen. Brad Pyburn discusses top cyber concerns and challenges as malicious cyber activity surges, and the "secret sauce" to cybersecure implementation of JADC2.

As the U.S. Navy gears up for 5G, a number of pilots are underway to evaluate the risks that come with this faster network capability that unlocks the path to many emerging technologies like AI. The Navy's first order of business is to modernize its environment for 5G. It is also looking at the best ways to protect its systems and maintain good cyber hygiene along the way. Navy Chief Digital Innovation Officer Michael Galbraith talks about the Navy's efforts to mitigate vulnerabilities as it gets its networks ready for 5G.

Blue Cyber Lead Kelley Kiernan tells the story of how she developed an initiative to support small businesses navigating tricky cyber questions as cyberattacks against the Defense Industrial Base skyrocket. She is now detailed to the Air Force's CISO office, where she's breaking down cyber roadblocks for small businesses to participate in top opportunities with the service.

With the ever increasing number of data breaches and hacks, cybersecurity has become a focal point for many federal agencies. Quantum computing could play a major role in helping organizations identify and avert cyberattacks even before they arise. DARPA Program Manager Joe Altepeter from its Defense Sciences Office talks about how DARPA is examining the great possibilities of this new technology for applications in defense and beyond.

As the cybersecurity and privacy field continues to grow in the health care space, so does the need to better protect patient data. For IT leaders at Penn Medicine, this means tackling deep-rooted challenges in recruiting to remove bias and also implementing careful strategies for safeguarding against ransomware threats of this sensitive data. Penn Medicine Senior Application Manager of Clinical Research Information Security Jessica Chen from HIMSS along with Director of Information Security Seth Fogie, joining virtually, break down this issue and discuss how others can learn from it.

It's time to take it up to zero — zero trust, that is. Senior researchers Melissa Harris and Kate Macri return to discuss the outcomes from our latest virtual event, CyberScape ID. Topics include the role of identity in zero trust, data management and identity solutions. Featured perspectives include leadership from OMB, HHS OIG, Fortinet and more.

National Cyber Director Chris Inglis believes current cyber leaders are uniquely qualified to transform federal cybersecurity and can work together to solve anticipated challenges like workforce shortages. The nation's top cybersecurity chief discusses his cyber priorities for 2022 and what federal agencies can do to strengthen their cyber postures in an increasingly volatile cyber landscape.

USCIS was an early adopter of zero trust and artificial intelligence for cybersecurity. CISO Shane Barney discusses how the agency continues to innovate and improve its cyber strategies in an increasingly hostile cyber environment.

Government agency leaders discussed how their organizations are approaching increasing modernization around artificial intelligence and data management, and key considerations for how these systems ensure strong national security. Issues include cyber warfare, workforce upskilling, high-performance computing and current research and features leaders from the Defense Department, NASA, Department of Homeland Security and more. Highlighted remarks featuring: Thomas Kenney, Chief Data Officer, SOCOM Dr. Mark Segal, Deputy Director of the National Security Agency's Research Directorate Greg McCullough, Director of Cyber Artificial Intelligence, Booz Allen Hamilton Tsengdar Lee, Program Manager of the High-End Computing Program, NASA Martin Stanley, Branch Chief of Strategic Technology, CISA Krista Kinnard, Chief of Emerging Technologies, Department of Labor

The next generation mobile network is on its way in, but 5G's impact lies in more than cellular connectivity. The technology will be central to digital innovation supporting artificial intelligence, cloud computing and data sharing. NIST IT Specialist Jeff Cichonski unpacks the security implications of this movement and how NIST's center of excellence is exploring ways to remove or reduce these threats to 5G infrastructure.

Federal agencies are taking charge in implementing zero trust strategies amid a Biden executive order to boost security amid recent incidents. The Department of Health and Human Services' Office of Inspector General's new CIO, Gerald Caron, discusses how zero trust and software supply chain risk management anchor not only his cyber strategy around agency audits, but also that of the entire federal government.

Acting CISO Greg Edwards sees identity, credential and access management (ICAM) and zero trust as key strategies for combatting ransomware and other cyberattacks that are afflicting government agencies nationwide. Edwards also discusses the collaboration between FEMA and state, tribal and local governments, as well as lessons learned throughout the pandemic on future cybersecurity approaches.

Cybersecurity is increasingly becoming synonymous with national security. As we become more connected, integrate technology into our infrastructure, and work to ensure our supply chains are secure, leaders in federal government and industry discuss working toward securing our nation from the Aug. 19 CyberScape event series, kicked off by fireside chat keynote Chris Inglis.

Women make up less than one-third of all STEM-related jobs. Additionally, the Department of Homeland Security estimates there are at least 500,000 unfilled cybersecurity positions, which the agency deems a risk to national security. NIH's Jothi Dugar, NIST's Danielle Santos, and Okta's Michelle Tuggle from the Women Tech Leaders event discuss how they are encouraging and educating women to help fill the cybersecurity workforce gap and the gender STEM gap at the same time.

CISA COVID-19 Task Force Lead Steve Luczynski, Presidential Innovation Fellow Michelle Holko and CISA Senior Advisor Josh Corman tell the unlikely story of how they created a team with diverse backgrounds to help keep America running, informed and safe during the pandemic. The experts discuss the roles they played in the early approaches to the pandemic response and subsequent security implications.

The COVID-19 pandemic made health IT more vulnerable than ever as cyberattacks on hospitals, public health organizations and research initiatives soared. Featured panelists from the CyberScape: Health Care event highlighted ways federal health IT leaders are securing their networks and sensitive information, and also look back on cyber lessons learned from the COVID-19 pandemic. Featured commentary from the Defense Digital Service, CISA, HHS and more.

Jennifer Franks offers a unique outlook on the state of federal cybersecurity thanks to her oversight role at the Government Accountability Office. Franks discusses some of the top cyber issues facing federal agencies and how President Biden's cyber executive order can address them.

Newly promoted Wanda Jones-Heath talks about her position as principal cyber advisor for the Department of the Air Force and what a holistic approach to cybersecurity looks like. This includes taking hold of data interoperability efforts and ensuring all teams are operating in a cohesive yet still safe and secure infrastructure amid recent concerns with supply chains and data breaches.

Amid software hacks like the SolarWinds incident, the FDA works with manufacturers and other agencies to ensure medical devices are secured and personal data is kept safe. Jessica Wilkerson, cyber policy advisor at the FDA, discusses the shared responsibility of cybersecurity and the need to secure the entire supply chain.

Securing the federal supply chain is among government's top priorities right now. Lisa Barr, CISA's cybersecurity supply chain lead whose prior role involved the recently established Federal Acquisition Security Council, discusses the whole-of-government approach to supply-chain security threats and how varying agency missions and needs come into focus around established risk management standards. Barr gives us a look at the biggest challenges ahead and the current efforts underway to ensure security from threats.

The Cybersecurity Maturity Model Certification (CMMC) standards require third-party assessments on security requirements for contractors to bid on DOD contracts. Rocky Thurston of Perspecta and Seth Storie of ArdentMC look at how much CMMC will impact contractors, plus share perspective on ways it could change federal contracting overall.

The Criminal Investigations and Network Analysis Center, a Department of Homeland Security S&T Center of Excellence, supports the agency with research and tools for fighting cybercrime. Jim Jones, CINA's director, details how researchers are working to intercept cybercriminals and educate a new generation of cybersecurity professionals.

Suzanne Spaulding, former DHS undersecretary for cyber and infrastructure, now a member of the Cyberspace Solarium Commission and CSIS, draws on her deep well of knowledge and experience in cyber and the intelligence community to frame our nation's biggest cyber risks — and how to address them.

CDM Deputy Program Manager Betsy Kulick describes how and why CISA started the famed cybersecurity program, how it's going, and what's next for federal agencies seeking to protect their networks in 2021.

Federal leaders gathered to discuss innovations and capabilities of cloud computing during our Nov. 19 Cloud Summit. Catch up on these highlights from leaders at the Department of Homeland Security, Defense Logistics Agency, FedRAMP and learn more about zero trust capabilities and streamlining ATO processes.

Cybersecurity expert Trey Herr, director of the Cyber Statecraft Initiative at the Atlantic Council, explains why IT and cloud supply chain security is a national security issue — and what federal agencies can do about it.

Securing IT supply chain means preventing counterfeits, end-user malware and vulnerable components as federal agencies modernize their IT and infrastructure. From our Oct. 7 virtual event, hear from CISA National Risk Management Center Associate Director Daniel Kroese and Dell Technologies' Dan Carroll on how agencies are working together to secure the supply chain.

NIST Fellow Ron Ross discusses how federal agencies can maintain best cybersecurity practices while working remotely, plus how standards and practices like FISMA, zero trust and privacy play into federal strategies.

Federal officials came together during our Sept. 2 CyberScape virtual event to discuss priorities in security and hiring the next generation of leaders, including a conversation on women in tech with Katie Arrington, Jothi Dugar and Venice Goodwine. Looking ahead, standards like TIC 3.0 and CMMC will have lasting impact on federal security strategies.

The Department of Homeland Security Science and Technology Directorate in partnership with the National Information Assurance Partnership sponsored a pilot effort to determine to what extent NIAP evaluations of mobile app software could be automated. Vincent Sritapan, program manager for Mobile Security R&D at DHS S&T, and Michelle Brown, deputy director at NIAP, discuss these innovations for certifying mobile apps in government.

NUSTL Director Alice Hong discusses the lab's coordination with our nation's first responders on testing and evaluating cutting-edge technologies, from protective gloves to in-suit communication devices. We also talk about training exercises for radiological and nuclear incidents and active shooter scenarios, as well as how NUSTL is aiding in COVID-19 response efforts.

Adrian Monza discusses the strategy behind securing endpoints, users and data by getting rid of passwords and running anti-phishing exercises. He also talks about penetration testing, containerization and the importance of educating your entire organization about their role in cybersecurity.

Janet Vogel and Christopher Bollerer discuss the current challenges and opportunities in health cybersecurity, especially information-sharing across the public and private sectors, workforce training and education, and the cyber hygiene essentials underpinning security innovation.

CISA Assistant Director of Stakeholder Engagement Daniel Kroese and Marsh Senior Vice President Stephen Vina discuss the importance of partnerships in federal government in tackling some of the most pressing cybersecurity concerns. For more episodes, head over to https://governmentciomedia.com/cybercast.

Oki Mek discusses his priorities in his new position at the agency, including automating the authority to operate (ATO) process, educating the workforce on cybersecurity hygiene, the importance of blockchain and why innovation is not always about the technology.

Gerry Connolly discusses government progress on the standards and directives codified in FITARA, IT modernization and FedRAMP. We look at IT modernization efforts and discuss both the Modernizing Government Technology Act and the associated Technology Modernization Fund.

Stacie Alboum discusses her background in security at previous agencies plus how the "Optimize NIH" initiative and business management play into her current security priorities at the National Institutes of Health. For more episodes: https://www.governmentciomedia.com/cybercast

Servio Medina discusses the importance of cybersecurity in defense health records and activities. He is a proponent of maintaining a "cyber fit" regimen at home and professionally.