The Enduring Security Framework, a public-private partnership with NSA as its executive secretariat, released a new product examining the benefits, security risks, deployment, and benefits of 5G network slicing. Based on the previously published work “Potential threat vectors to 5G infrastructure,” the new document provides an executive overview of the risks involved with deploying network slicing, including potential management strategies. Learn about the Enduring Security Framework, the work t...
Feb 23, 2023•33 min•Season 5Ep. 4
With a challenging maritime computing environment, the Coast Guard supports several missions for the departments of Defense and Homeland Security. Assistant Commandant for C4 & IT Rear Adm. Christopher Bartz discusses his workforce, cybersecurity and tech priorities, including how he’s approaching the service’s own take on interconnected data systems akin to DOD’s JADC2 as well as a new software factory.
Feb 21, 2023•20 min
CISA’s Joint Cyber Defense Collaborative (JCDC) announced a 2023 planning agenda to stay ahead of persistent cybersecurity threats to federal agencies, such as supply chain risk and open-source software. Learn why these threats are so high profile and how federal agencies across defense, health and civilian sectors are working together to share critical information about cybersecurity risks and incidents. Don’t miss a fascinating tangent where we decide which superhero represents which federal a...
Feb 08, 2023•27 min•Season 5Ep. 3
As the Coast Guard prepares to launch its first software factory later this year, Deputy CIO Brian Campo discusses how his prior experience as CTO for the Department of Homeland Security prepared him to lead the Coast Guard into a more cybersecure future with zero trust, a continuous authorization to operate (cATO) approach and a strong foundation in data management strategies.
Jan 25, 2023•40 min•Season 5Ep. 2
Cybersecurity will always be a critical issue. In 2022 federal agencies developed targeted strategies and frameworks to stay ahead of the evolving threat landscape. Our hosts reflect on the top news and trends of last year, including new zero trust strategies out of the departments of Defense and Veterans Affairs, evolving tech and cyber workforce frameworks, plans to combat ransomware and more. Plus we discuss how these efforts will pave the way for progress in 2023.
Jan 11, 2023•48 min•Season 5Ep. 1
The Vulnerability Disclosure Program (VDP) is the youngest directorate within the Defense Department (DOD) Cyber Crime Center. Established in 2016, it's the sole focal point for receiving all vulnerability reporting at the agency, and it is uniquely positioned as it engages private-sector white hat researchers to support its mission. In January 2021, it expanded its scope from only public-facing websites to all publicly accessible DOD information systems. VDP Director Melissa Vice briefs how the...
Dec 14, 2022•24 min•Season 4Ep. 18
Global dependence on technology blurs the lines between national and cybersecurity, elevating the importance that consistent collaboration and information-sharing has in the industry. ODNI Director of Cyber Threat Intelligence Integration Center Laura Galante discusses the prevalence of disinformation and how the rapidly shifting cyber landscape impacts the intelligence community.
Dec 07, 2022•29 min•Season 4Ep. 17
Identity management is a key factor to creating a robust cybersecurity strategy. GSA’s newly published Privileged Identity Playbook helps federal agencies implement and manage a privileged user management function as part of an overall ICAM program. GSA’s Identity Assurance and Trusted Access Division Director Key Myers and CISA IT Specialist Ross Foard discuss the playbook’s implications and best practices around identity management. Privileged Identity Playbook: https://playbooks.idmanagement....
Nov 16, 2022•26 min•Season 4Ep. 16
The CyberCast Ransomware Miniseries comes to a close with advice from CISA, which serves as the federal hub for cyber training, awareness and resources for industry and federal agencies. CISA National Risk Management Center Assistant Director Mona Harrington discusses trends such as triple extortion and ransomware-as-a-service and how strategies such as network segmentation and cyber incident reporting can help.
Oct 26, 2022•27 min
Mobile devices have become a prime target for malicious actors and ICE is using zero trust to significantly improve threat detection and data protection. In this episode, ICE CISO Rob Thorne also highlights the importance of applying zero trust principles to enterprise mobility and how cyber hygiene activities are helping to propel the agency on its path to zero trust. This episode is sponsored by DataDog.
Oct 19, 2022•26 min•Season 4Ep. 15
The Army has been testing an application that would let its soldiers and civilian employees access the Army’s network through their personal devices. It is ready to scale up from under a thousand users to almost 20,000 employees. Lt. Gen. John Morrison, Army deputy chief of staff, G-6, provides more details on lessons learned from the program’s pilot, associated cybersecurity concerns, and how zero trust principles play a crucial role in securing data access. Morrison also touches on the Army’s ...
Oct 13, 2022•11 min
Hybrid cloud creates new efficiencies but can also cause new cybersecurity risks. The Defense Information Systems Agency (DISA), which helps lead cloud modernization for the Defense Department, needs strong partnerships with cloud vendors to maintain a strong security posture. Strategies such as "environment as code," DevSecOps and zero trust can help improve user experience while limiting vulnerabilities and strengthening overall cybersecurity. This episode is sponsored by ThunderCat and Dell T...
Oct 12, 2022•41 min•Season 4Ep. 14
GovCIO Media & Research has had a busy two weeks, hosting back to back CyberScape events on zero trust and data and automation security. Join deputy editor Kate Macri and staff writer/ researcher Sarah Sybert for a CyberScape double album, where they unpack the top takeaways from the sessions.
Oct 07, 2022•14 min
ICE is turning to its Homeland Security Investigations Cyber Crimes Center for assistance when it comes to getting a handle on the recent spike in ransomware, cyber fraud and other malicious attacks. ICE Division Chief of the HSI Cyber Crimes Center Matt Swenson also talks about a new cyber intelligence initiative that is providing ICE with a better way to make use of data and enhance the investigation process.
Sep 30, 2022•14 min•Season 4Ep. 13
Federal agencies are accelerating cyber programs and initiatives to stay up to speed with the quickly changing landscape. Deputy Editor Kate Macri and Staff Writer Sarah Sybert unpack top takeaways from the summer, including upcoming cybersecurity workforce strategies, DOD's new five-year zero trust strategy and new directives around supply chain security.
Sep 23, 2022•16 min
The Defense Department's second iteration of CMMC will soon be released with a focus on cyber hygiene and cybersecurity basics. DOD's CMMC lead, Stacy Bostjanick, discusses the importance of the guidelines and DOD's cyber expectations for the Defense Industrial Base — live from the Billington Cybersecurity Summit.
Sep 09, 2022•15 min
Federal cyber leaders want more women in cyber and national security roles, but many women don't know where to start. CYBERCOM Commander Col. Candice Frost discusses the importance of mentorship and offers practical advice for closing the cybersecurity workforce shortage and bringing more women into those roles.
Sep 08, 2022•35 min•Season 4Ep. 12
Retirement plan data is vulnerable to a variety of threats, including malware, ransomware, phishing, spoofing, business email compromise, social engineering, account takeover and privilege abuse, making it a critical priority to protect. Department of Labor Acting Assistant Secretary for Employee Benefits Security Ali Khawar discusses how new cybersecurity guidance over the past year has helped keep information secure.
Sep 01, 2022•29 min
The Defense Department’s 5G-to-Next G Initiative will help strengthen networks and pave the way for 5G implementation to securely operate at the edge. The “Operate Through” portion of the initiative is leveraging infrastructure already in place for enhanced communication while preventing adversaries from obtaining sensitive mission details — with the millimeter wave spectrum playing a key part in this effort. Director of the Operate Through 5G Initiative Dan Massey provides more details about ho...
Aug 18, 2022•38 min•Season 4Ep. 11
The FBI has been keeping tabs on the evolution of ransomware, and in recent years ransomware attempts and incidents have risen significantly in both sophistication and severity. The latest in this ransomware miniseries talks to FBI's Cyber Section Chief Bryan Smith on how the agency's investigation and mitigation tactics have advanced alongside these cyber crimes — including best practices to make your organization resilient amid growing threats.
Aug 11, 2022•34 min
With a region spanning Northeast Africa, Middle East and Central and South Asia, CENTCOM is preparing for the Defense Department's JADC2 effort to better connect data capacities around the world. DISA Central Field Command's Tania Wilkes shares some of her top cyber challenges and how she believes cyber education will make or break cybersecurity for military operations. Expect to hear about satellite communications, 5G security, zero trust and more in this episode.
Jul 21, 2022•35 min•Season 4Ep. 10
Faced with increased threats from ransomware, the health care industry is growing its security priorities with technology and data. Dr. Kevin Fu, acting director of medical device cybersecurity at the Food and Drug Administration's Center for Devices and Radiological Health, discusses FDA's recently updated draft of its premarket cybersecurity guidance and how medical device developers can leverage capabilities like threat modeling to drive a proactive approach to cybersecurity.
Jul 07, 2022•25 min
A new Zero Trust Portfolio Management Office is putting the Defense Department on track to improve its overall cybersecurity posture. While this will be a major task for DOD, a zero-trust roadmap will ensure the proper training and workforce are in place for greater interoperability across the entire department. The portfolio management office will also help accelerate the adoption of zero trust throughout DOD and make it an embedded way of life. DOD’s Principal Deputy CIO for Cybersecurity Mark...
Jun 15, 2022•14 min•Season 4Ep. 9
The Cybersecurity and Infrastructure Security Agency promotes a variety of best practices and resources across the cyber space, and the software bill of materials — otherwise known as SBOM — is a rising area of importance. We speak with one of CISA's top promoters of SBOM development at the 2022 RSA Conference to dive into the different components of SBOM development, the benefits SBOMs bring to your security posture and how you can work on developing your own SBOMs today.
Jun 08, 2022•23 min
The Defense Department's Cyber Crime Center (DC3) is a federal cyber center and serves as a center of excellence for digital and multimedia forensics. Its training academy also trains thousands of DOD personnel every year. Acting Executive Director Joshua Black, a longstanding cyber expert, discusses the ransomware trends and threats facing the Defense Industrial Base in this kickoff episode in CyberCast's Ransomware Miniseries.
Jun 02, 2022•12 min
Army Software Factory CISO Angel Phaneuf discusses how she's working to foster zero trust interoperability and a healthy cyber culture throughout the Defense Department. She also tells the story of how Army Software Factory discovered the Log3j vulnerability and mitigated it in only 24 hours.
May 25, 2022•18 min•Season 4Ep. 8
GovCIO Media & Research returned to in-person events on Thursday with Infrastructure: Cloud Modernization. Our senior researchers are joined by staff writer Adam Patterson to break down top takeaways from the event, including critical approaches to cloud implementation, the role of the user in cybersecurity, data literacy and more. Featured perspectives include leadership from DISA, GAO, VA, GSA, U.S. Army and more.
May 20, 2022•14 min
Hear from Col. Ken Kuebler about the importance of modular, open-systems architecture and his top cybersecurity and IT modernization challenges for the Fixed Wing program office at USSOCOM.
May 19, 2022•9 min
USSOCOM Networks and Services COO Col. Joe Pishock sits down with GovCIO Media & Research to discuss the importance of commercial cloud-hosted collaboration tools for network modernization and the cybersecurity challenges, such as overclassification, that hinder successful implementation.
May 17, 2022•16 min
AFCEA TechNet Cyber 2022 marks another return to in-person events, and Senior Researcher Kate Macri is here to discuss top takeaways and themes from the conference. Topics include ICAM solutions, zero trust, cyber operations and what it's like to be in-person again after two years of online panels.
May 06, 2022•17 min
