CyberScape: Zero Trust

CyberScape: Zero Trust

 
graphic
graphic
Event builder display intro
Tysons, VA
Watch Videos
 

Zero trust is sweeping across government. Following the May 2021 White House Executive Order on Improving the Nation's Cybersecurity, IT leaders are implementing new structures and systems to build the foundation for zero trust. Government leaders will address topics such as ICAM strategy and software-defined network access structure. Tech-minded leaders from defense and civilian agencies discuss best practices and how this will impact future procurements and their missions.

Date
September 29, 2022
Time
8:00 - 11:30 AM ET
Where
Archer Hotel Tysons - 7599 Colshire Drive, Tysons, VA 22102
Special Recap
two audience members chat

Session Recordings

image of Jay Gazlay Associate Director for Vulnerability Management, Cybersecurity Division, CISA
Fireside Chat: Paving the Way with Zero Trust
image of Sterling Wilson, National Alliances Leader, Data Security and Management, Rubrik Federal
Industry Perspective with Sterling Wilson
image of ICAM solutions panel featuring Felipe Fernandez, Director, Systems Engineering, Fortinet Federal and Kenneth Myers, Director, Identity Assurance and Trusted Access Division, GSA
ICAM Solutions
image of SBOMs and Software Security panel - Zero Trust Breakfast
SBOMs and Software Security
image of Mike Epley, Chief Architect and Security Strategist, Public Sector, Red Hat
Industry Perspective with Mike Epley
image of endpoint security panel
Endpoint Security
image of Kurt DelBene, Assistant Secretary for Information and Technology and CIO, VA
Fireside Chat with Kurt DelBene
image of Michael Hoffman, President, GovCIO Media & Research
Closing Remarks

Related Coverage

Federal Agencies Implementing New Approaches to Software Security
Federal Agencies Implementing New Approaches to Software Security
Modernizing approaches to software security leads to better detecting vulnerabilities and preventing zero-day incidents like the SolarWinds attack.
Adam Patterson
ken myers
GSA Outlines Best Practices for Identity Management
Ken Myers explains how GSA’s new playbooks are guiding federal agencies’ identity management.
Sarah Sybert
Data Management Key to Successful Zero Trust Strategy, CISA Says
Data Management Key to Successful Zero Trust Strategy, CISA Says
Data standards and governance determine federal agencies's readiness for zero trust.
Anastasia Obis
VA CIO: Zero Trust at the Core of the Agency's Vision and Security Focused Workforce
VA CIO: Zero Trust at the Core of Agency's Vision, Security-Focused Workforce
CIO Kurt DelBene stresses the importance of building the agency's vision and workforce upon the fundamental aspects of zero trust.
Nikki Henderson
 

Agenda

 
-

Breakfast & Networking

-

Welcome Remarks

Michael Hoffman, President, GovCIO Media & Research

-

Fireside Chat: Paving the Way to Zero Trust with Data

The White House Executive Order on Improving the Nation’s Cybersecurity highlighted the need for a new federal cybersecurity approach, but zero trust isn’t a one-size-fits-all solution. For many federal agencies, data quality, standards and governance determine their zero trust readiness. Learn how federal agencies can prepare for a zero trust architecture, starting with data.

  • Jay Gazlay, Associate Director for Vulnerability Management, Cybersecurity Division, CISA
  • Moderator: Kate Macri, Deputy Editor, GovCIO Media & Research
-

Industry Perspective

  • Sterling Wilson, National Alliances Leader - Data Security and Management, Rubrik Federal
-

Panel: ICAM Solutions

As federal agencies continue to develop zero trust architectures and frameworks, accurate and efficient user verification is a key piece to nail down. In environments like health care and law enforcement, speed of verification and layers of privacy protection are even more critical. We’ll talk with federal agencies grappling with these challenges in their mission work and how best practices in ICAM can help.

  • Felipe Fernandez, Director, Systems Engineering, Fortinet Federal
  • Kenneth Myers, Director, Identity Assurance and Trusted Access Division, GSA
  • Moderator: Sarah Sybert, Staff Writer/Researcher, GovCIO Media & Research
-

Coffee Break

-

Panel: SBOMs and Software Security

Federal agencies adopting cloud solutions and integrating new software applications into their cloud-based IT infrastructure need new cyber strategies to secure the software-defined perimeter. The SBOM has emerged as a new way to identify and track potential vulnerabilities in the software supply chain. Hear from cloud and cyber leaders about how they’re using SBOMs and other techniques to secure software applications in the cloud.

  • Natalia Martin, Acting Director, National Cybersecurity Center of Excellence, NIST
  • Phil Stupak, Director of Federal Cybersecurity, Office of the National Cyber Director
  • Nicole Thompson, Digital Services Expert, Defense Digital Service
  • Moderator: Adam Patterson, Staff Writer/Researcher, GovCIO Media & Research
-

Industry Perspective

  • Mike Epley, Chief Architect and Security Strategist, Red Hat
-

Panel: Endpoint Security

Securing cloud user endpoints, such as desktops, laptops and mobile devices, is a major challenge for federal agencies as they move to the cloud and support a distributed workforce. Zero trust principles like ICAM solutions can help, but harmonizing endpoint security goals with mission needs requires flexibility and adaptability. This panel will draw insights on endpoint security in a remote, cloud-based work environment.

  • Gerald Caron, CIO, Office of the Inspector General, HHS
  • Drew Malloy, Technical Director, Cyber Development Directorate, DISA
  • Jesse Peoples, Chief Security Architect, Leidos
  • Don Watson, CISO, USPTO
  • Moderator: Katherine MacPhail, Staff Writer/Researcher, GovCIO Media & Research
-

Fireside Chat

  • Kurt DelBene, Assistant Secretary for Information and Technology and CIO, VA
  • Moderator: Amy Kluber, Editor-in-Chief, GovCIO Media & Research
-

Closing Remarks

Michael Hoffman, President, GovCIO Media & Research

 

 
 

Featuring

 

Gerald Caron is a member of the Senior Executive Service (SES) and is Chief Information Officer (CIO) / Assistant Inspector General of Information Technology (AIG/IT) for the Office of the Inspector General (OIG) at the Department of Health and Human Services (HHS) as of May 2021.

Previously he has served as the Director of Enterprise Network Management (ENM) within the Directorate of Operations in the Bureau of Information Resource Management (IRM) since June 2016.

Mr. Caron has over 24 years of information technology (IT) experience. He began his career in the US Army working in hands-on technical positions serving for 7 years as a Programmer and Administrator. Mr. Caron then spent 2 years as a contractor with the federal government, where he acquired more refined technical skills and a more detailed understanding of IT operations. He joined the federal government at the Department of State (DOS) in 2003 as a Systems Administrator. He has held multiple positions at the DOS, moving from managing small technical groups leading up to Director for ENM.

One of his most significant accomplishments was acting as the technical liaison during a major cyber security event at the Department. His leadership allowed the Department to resolve the incident as quickly and effectively as possible with minimal impact to the mission.

As the Director of ENM, Mr. Caron was personally responsible for the leadership of the largest office within the IRM bureau. This included managing the financial portfolio of over $200 million and prioritization of work across a wide range of disciplines. In this role he was responsible for the network and authentication infrastructure for the Department, led the re-engineering of the Department’s primary Identity and Access Management solution, formed teams to address key security efforts needed to mitigate future potential cybersecurity attacks through collaborative efforts, led the redesign of the Department’s Active Directory significantly improving security and responsible for the engineering and management of all the Department’s global network infrastructure and perimeter security infrastructure.

Mr. Caron is a co-chair on the CIO’s Innovation Counsel for Zero Trust as well as co-chair for ATARC.org Zero Trust Working Group. He previously chaired ATARC.org Trusted Internet Connection (TIC) 3.0 Working Group which resulted in 8 vendor proof of concepts being delivered to government participants.

Mr. Caron received his associate degree (Magna Cum Laude) in Computer Information Systems, Network Administration from the Northern Virginia Community College. At the Department of State, he also has received training in Executive Potential Program from the USDA Graduate School in 2009 and Advanced Leadership Skills in 2014. He received his certification in May 2020 as a Forrester Zero Trust – Strategist (ZTX-S) and received his Federal IT Security Manager Certification (FITSP-M) in 2017. Mr. Caron has received numerous individual awards for his exceptional service since 2004.

Gerald Caron
Gerald Caron
CIO, Office of the Inspector General, HHS

President Joseph R. Biden, Jr. nominated Kurt DelBene to serve as the Department of Veterans Affairs (VA) Assistant Secretary for Information and Technology and Chief Information Officer (CIO), and the United States Senate confirmed his nomination by voice vote on December 16, 2021.

As VA’s senior information and technology executive, Mr. DelBene oversees the day-to-day activities of VA’s Digital Transformation, managing a budget of more than $4 billion. He leads a workforce of approximately 16,000 government and contract staff who enable health care and benefits delivery to more than nine million enrolled Veterans.

Before joining VA, Mr. DelBene was a longtime executive for Microsoft and served in numerous leadership roles with increasing responsibilities over more than 25 years. Most recently, he was Executive Vice President of Corporate Strategy and Core Services Engineering and Operations and led the company’s cross-engineering and cross-business strategy, execution, and planning initiatives.

Mr. DelBene rejoined Microsoft in April 2015 after assisting former President Barack Obama with Healthcare.gov, the enrollment website for the Affordable Care Act. From December 2013 to July 2014, he served as senior advisor to the Secretary of Health and Human Services, helping assess and implement the first Open Enrollment period, including troubleshooting problems and setting the project up for long-term success. During this time, he was also the liaison to White House and Health and Human Services senior leadership.

As president of the Microsoft Office Division from 2010 to 2013, Mr. DelBene was responsible for Microsoft’s global productivity strategy for information workers. He oversaw the engineering and marketing functions for a wide range of productivity products and services, including Office, Office 365, Exchange, SharePoint, Lync, Project, and Visio.

Mr. DelBene also served as the senior vice president for the Microsoft Business Division, where he was responsible for the development of client and server software that delivers a holistic productivity experience to organizations and individuals, including authoring, collaboration, communications, information sharing, and project management.

Prior to joining Microsoft in 1992, Mr. DelBene was a management consultant with McKinsey and Company, focusing on business strategy for technology companies. He also worked as a software developer and systems engineer for AT&T Bell Laboratories, working in graphics and imaging software and network switching systems.

Mr. DelBene holds a Master of Business Administration degree from the University of Chicago, a Master of Science degree from Stanford University, and a Bachelor of Industrial Engineering from the University of Arizona. Mr. DelBene is married to U.S. Congresswoman Suzan DelBene who represents Washington's 1st Congressional district. They have two children.

Kurt DelBene
Kurt DelBene
Assistant Secretary for Information and Technology and CIO, VA

Michael Epley has been helping the US defense and National Security communities use and adopt open source software over the last 2 decades with practical experience as a software developer and enterprise architect. During his tenure at Red Hat, Michael has passionately driven adoption of key technology: cloud and kubernetes, tactical edge/forward deployed systems, data analytics tools and platforms, and disconnected operations -- always in the context of security and compliance concerns unique to this sector. Michael has BS degrees in Mathematics and Mechanical Engineering from Virginia Tech and a JD from The University of Texas School of Law.

Mike Epley, Chief Architect and Security Strategist, Public Sector, Red Hat
Mike Epley
Chief Architect and Security Strategist, Public Sector, Red Hat

Felipe Fernandez is the CTO at Fortinet Federal, a U.S. next-generation cyber security solution vendor that provides real-time threat detection and prevention. In addition to his role as a team manager, Felipe also oversees the US Federal product strategy and certification process at Fortinet Federal, such as the DoDIN APL and NSACSfC.  Felipe has more than 21 years of experience in consulting, deploying, operating, and auditing security solutions in DoD and the private sector.

Felipe Fernandez
Felipe Fernandez
CTO, Fortinet Federal

Jay Gazlay is an Information Security Specialist for the CISA Cyber Security Division of the DHS, where he manages the vulnerability ecosystem and the coordinated vulnerability disclosure process. Prior to working at CISA, Mr. Gazlay worked for Acuity, Inc., where he served as Technical Director, managing a team of engineers in direct support of multiple Secretaries of State and staff. Throughout his 13 years at the Department of State, he also served a Senior Principal Engineer, coordinating IT operations, and building/managing large scale systems throughout the Department.

In early 2020, Mr. Gazlay was selected to serve on the Common Vulnerabilities and Exposures (CVE) Board. As a board member of the CVE, Mr. Gazlay participates in open and collaborative discussions with other cybersecurity experts in an effort to provide critical input regarding the data sources, product coverage, operating structure, and strategic direction of the CVE Program.

Jay Gazlay
Jay Gazlay
Associate Director for Vulnerability Management, Cybersecurity Division, CISA

Amy Kluber is editor-in-chief of GovCIO Media & Research. Previously she managed two aviation publications at B2B media company Access Intelligence. She was nominated for The Innovation in Aerospace Journalism & Publishing Award for launching and hosting an aviation podcast. Prior to that she wrote news scripts and produced videos for the network Newsy. Follow Amy on Twitter: @amykluber

She earned her bachelor’s and master’s degrees in journalism from the University of Missouri in Columbia, Missouri. Having traveled around the world since an early age, she grew up a U.S. Army brat born in Vicenza, Italy, and spent most of her youth living in Seoul, South Korea.

In her free time, you may find her at Disney World.

Amy Kluber
Amy Kluber
Editor-in-Chief, GovCIO Media & Research

Katherine MacPhail is a Staff Writer and Researcher for GovCIO Media & Research, where she covers IT across federal health and civilian agencies.
 
Katherine earned her bachelor’s degree from Oberlin College, where she served as Editor-in-Chief of The Oberlin Review after holding the positions of Arts & Culture Editor, Staff Writer and Production Editor. She joined the GovCIO Media & Research team in November 2021.
 
Originally from Durham, North Carolina, she loves live music, rock climbing and books. 

Katherine MacPhail
Katherine MacPhail
Staff Writer/Researcher, GovCIO Media & Research

Kate Macri is a deputy editor for GovCIO Media & Research, where she primarily covers the Departments of Defense and Homeland Security.

Prior to joining the team in June 2020, she covered the video game industry and small businesses for Zenger News. She also covered banking and finance news for Banking Dive, a B2B media publication based in Washington D.C., and reported logistics, supply chain and shipping news for Supply Chain Dive.

If she isn't boxing or walking her boxer, you can find Kate with her nose in a Stephen King novel, slaying monsters in the world of Final Fantasy or waiting for a blue public call box to land in her front yard.

Kate Macri
Kate Macri
Deputy Editor, GovCIO Media & Research

Drew Malloy is an experienced senior technical executive leading teams in cybersecurity, software development, systems engineering and digital transformation. He has worked at DISA for thirteen years, serving in several engineering roles and currently as the Technical Director for the Cybersecurity and Analytics Directorate. Prior to DISA, he was an engineer at the U.S. Naval Research Laboratory. His areas of expertise include secure application development, DevSecOps and C4ISR. 

Drew Malloy
Drew Malloy
Technical Director, Cybersecurity and Analytics Directorate, DISA

Natalia Martin is a Deputy Director for National Cybersecurity Center of Excellence (NCCoE), Information Technology Laboratory (ITL), National Institute of Standards and Technology (NIST). NCCoE is a collaborative hub convening experts from industry, academia, and government to work on critical problems in cybersecurity. The NCCoE’s collaborations focus on providing practical guidance to technical, real-world cybersecurity challenges using standards-based, commercially available technologies.

Natalia Martin
Natalia Martin
Acting Director, National Cybersecurity Center of Excellence, NIST

Kenneth Myers is the Director of the Identity Assurance and Trusted Access Division with the General Services Administration Office of Government-wide Policy. He advises and coordinates government-wide cybersecurity policies and collaborates with federal executive branch agencies on implementation guidance. As an identity professional, he has experience working with various public and private organizations on digital identity, PKI, security management, and governance challenges. He is a former active duty Marine and a current doctoral candidate in the Marymount University Doctorate of Science in Cybersecurity program.

Kenneth Myers
Kenneth Myers
Director, Identity Assurance and Trusted Access Division, GSA

Adam Patterson is a staff writer/researcher for GovCIO Media & Research, where he covers IT and innovation at the Department of Veterans Affairs.

Prior to joining the team in June 2019, Adam worked as a researcher at the National Defense University’s Center for Applied Strategic Learning (CASL) where he helped design war games and crisis response exercises. He has also worked at the Johns Hopkins Center for Global Affairs performing research and analysis covering the Syrian Civil War.

Adam earned a Master of Arts in strategic studies and Middle East studies at the Johns Hopkins University School of Advanced International Studies where he focused on insurgency, asymmetrical conflict and the social origins of mass violence.

Adam Patterson
Adam Patterson
Staff Writer/Researcher, GovCIO Media & Research

Jesse Peoples is a Chief Security Architect in the Digital Modernization Accelerator organization under Leidos' Office of Technology. He is responsible for developing and refining reusable solutions and approaches in support of the enterprise focus on growth. He is leading research to study and operationalize Zero Trust Architecture for customers. As part of the Zero Trust IRAD, Jesse leads a multi-vendor Zero Trust Proving Ground laboratory (ZTPG-Lab) which facilitates the development, integration, test, and deployment of zero trust solutions.

Jesse Peoples
Jesse Peoples
Chief Security Architect, Leidos
Phil Stupak
Phil Stupak
Director of Federal Cybersecurity, Office of the National Cyber Director

Sarah Sybert joined GovCIO Media & Research as a staff writer/researcher in March 2021, where she primarily covers the Department of Health and Human Services. Before Sarah joined the team, she covered defense, industry and information technology reports and events with Executive Mosaic. Her work has helped connect private and public sector leaders and promote awareness of emerging market trends. 

When she’s not on the job, you can find her hiking in Shenandoah, checking out the newest “hole-in-the-wall” coffee shop or jamming on the guitar.  Sarah earned her bachelor’s degree in English, with minors in Creative Writing and Film Studies, at Flagler College in St. Augustine, Florida.

Sarah Sybert
Sarah Sybert
Staff Writer/Researcher, GovCIO Media & Research

Nicole Thompson is a Digital Services Expert for the Defense Digital Service. She works extensively on DDS’s Hack the Pentagon program and serves as a senior cybersecurity engineer on DDS’s many other projects. Prior to DDS, she worked at NAVAIR for 12 years, testing and securing air platforms, avionics, and the networks on which they rely. Nicole holds a Master’s degree in Cybersecurity and a Bachelor’s degree in Computer Science.

Nicole Thompson
Nicole Thompson
Digital Services Expert, Defense Digital Service

Don Watson is the USPTO’s Chief Information Security Officer (CISO) and Director of Cybersecurity. Prior to joining USPTO, he was Director of Security Operations at the U.S. Customs and Border Protection (CBP), Department of Homeland Security. At CBP, he led a large team of IT professionals and oversaw cybersecurity monitoring, analysis, incident response, cyber threat intelligence, digital media analysis, and data protection and monitoring. Prior to CBP, Don served at the Department of Defense in uniform and as a civilian employee for 28 years in IT and cybersecurity technical and leadership roles.  He completed a M.S. in Information Technology and a B.S. in Business Management with the University of Maryland.  He completed both the Chief Information Officer (CIO) and CISO Certification programs with the National Defense University.  Don is currently a Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Authorization Professional (CAP), and is ITIL Foundation certified.

Don Watson
Don Watson
CISO, USPTO

Bringing a unique perspective from 20 years of datacenter experience in government, private and financial sectors, Sterling Wilson is an exciting and passionate Data Security Evangelist who understands the industry. In this age of data automation, machine learning and infrastructure modernization, the security and integrity of your most strategic asset, data, is top of mind for everyone. Sterling discusses how our modern needs of Data Management, Resiliency, and Security can’t be met with legacy thinking and solutions.

Sterling Wilson
Sterling Wilson
National Alliances Leader, Data Security and Management, Rubrik Federal
 

Agenda

 
-

Breakfast & Networking

-

Welcome Remarks

Michael Hoffman, President, GovCIO Media & Research

-

Fireside Chat: Paving the Way to Zero Trust with Data

The White House Executive Order on Improving the Nation’s Cybersecurity highlighted the need for a new federal cybersecurity approach, but zero trust isn’t a one-size-fits-all solution. For many federal agencies, data quality, standards and governance determine their zero trust readiness. Learn how federal agencies can prepare for a zero trust architecture, starting with data.

  • Jay Gazlay, Associate Director for Vulnerability Management, Cybersecurity Division, CISA
  • Moderator: Kate Macri, Deputy Editor, GovCIO Media & Research
-

Industry Perspective

  • Sterling Wilson, National Alliances Leader - Data Security and Management, Rubrik Federal
-

Panel: ICAM Solutions

As federal agencies continue to develop zero trust architectures and frameworks, accurate and efficient user verification is a key piece to nail down. In environments like health care and law enforcement, speed of verification and layers of privacy protection are even more critical. We’ll talk with federal agencies grappling with these challenges in their mission work and how best practices in ICAM can help.

  • Felipe Fernandez, Director, Systems Engineering, Fortinet Federal
  • Kenneth Myers, Director, Identity Assurance and Trusted Access Division, GSA
  • Moderator: Sarah Sybert, Staff Writer/Researcher, GovCIO Media & Research
-

Coffee Break

-

Panel: SBOMs and Software Security

Federal agencies adopting cloud solutions and integrating new software applications into their cloud-based IT infrastructure need new cyber strategies to secure the software-defined perimeter. The SBOM has emerged as a new way to identify and track potential vulnerabilities in the software supply chain. Hear from cloud and cyber leaders about how they’re using SBOMs and other techniques to secure software applications in the cloud.

  • Natalia Martin, Acting Director, National Cybersecurity Center of Excellence, NIST
  • Phil Stupak, Director of Federal Cybersecurity, Office of the National Cyber Director
  • Nicole Thompson, Digital Services Expert, Defense Digital Service
  • Moderator: Adam Patterson, Staff Writer/Researcher, GovCIO Media & Research
-

Industry Perspective

  • Mike Epley, Chief Architect and Security Strategist, Red Hat
-

Panel: Endpoint Security

Securing cloud user endpoints, such as desktops, laptops and mobile devices, is a major challenge for federal agencies as they move to the cloud and support a distributed workforce. Zero trust principles like ICAM solutions can help, but harmonizing endpoint security goals with mission needs requires flexibility and adaptability. This panel will draw insights on endpoint security in a remote, cloud-based work environment.

  • Gerald Caron, CIO, Office of the Inspector General, HHS
  • Drew Malloy, Technical Director, Cyber Development Directorate, DISA
  • Jesse Peoples, Chief Security Architect, Leidos
  • Don Watson, CISO, USPTO
  • Moderator: Katherine MacPhail, Staff Writer/Researcher, GovCIO Media & Research
-

Fireside Chat

  • Kurt DelBene, Assistant Secretary for Information and Technology and CIO, VA
  • Moderator: Amy Kluber, Editor-in-Chief, GovCIO Media & Research
-

Closing Remarks

Michael Hoffman, President, GovCIO Media & Research

 

 

Gold Sponsors

Fortinet Federal logo
 
Leidos logo
 
Rubrik Federal logo
 
Red Hat logo
 
 

Silver Sponsor

 
 
 
Box logo
 
 
 
Follow Us 
© 2023 GovCIO Media & Research LLC. All rights reserved. Privacy policy.