CyberThreats 2025 - Beyond Zero Trust - Building Federal Cyber Resilience - Day One
The federal government has invested almost four years to move all its systems and networks to a least permissive access architecture, based on the concept of “never trust, always verify.” This has significantly improved cybersecurity, but it’s a moving target – bad actors, whether cyber criminals or hostile nation-states, keep evolving their tools and tactics, seeking new vectors they can penetrate.
To constantly improve an agency’s risk profile, security professionals must pay attention to trends both in cyber attacks and in new defensive measures. For instance, hackers are using AI to help their social engineering efforts, ferreting out and stealing legitimate login credentials.
Learning Objectives:
- Review the five pillars of trust and which pillars are the hardest to address with legacy or siloed systems
- Apply the concept of “least privilege” to your agency’s implementation of a least permissive architecture to determine feasibility
- Outline the range of analytics that can be used to understand your agency’s entire cybersecurity environment and response profile
Speaker Details
Hosted By:
Claudia Hosky
Publisher,
FedInsider
John Breeden II
Contributing Editor,
FedInsider
Opening Remarks:
Sean McDonald
North American Public Sector
Sales Director, Akamai Technologies
Fireside Chat:
James "Guideaux" Crocker
Original Creator of DOD Software Facrtories
Mike Colson
Director of Public Sector Growth,
Akamai Technologies
Session One: Rethinking Least Permissive Architectures
The federal push to implement zero trust architectures across all agencies is built on five pillars - identity, devices, networks, applications and workloads, and data. These work well, but do not address one of the government's ongoing issues: the existence of technology silos, where - whether because of outdated, legacy systems or capture by proprietary tech - that make achieving least permissive much more difficult. This is where the concept of least privilege comes in.
Larry Fuller
Sr. Scientific Technical Manager, Cybersecurity,
Naval Information Warfare Center (NIWC)
Mike Colson
Director of Public Sector Growth,
Akamai Technologies
Session Two: Identity, Access & Micro-segmentation
Identity is central to zero trust, but it also can be a fluid concept; users can be identified by their job titles, the tasks they're assigned, the work groups - both within and across disciplines - they contribute to, to name a few examples. A user might require access to a particular application in one role, for instance, but have no need for access when working in another of their roles. Utilizing micro-segmentation - dividing networks into smaller segments that can be isolated, often at the individual workload level - can mitigate threats from users that legitimately have access to one part of a system but should not be able to move laterally to other parts of that system.
Dave Zukowski
Director, Defense Solutions,
Public Sector, Akamai Technologies
Session Three: Building Cross-Pillar Capabilities
Integrating security across the five pillars means ensuring visibility across all of them, and analytical tools that can take the information to present a unified picture. To accomplish that requires both automation - to ensure that cybersecurity is consistent and up to date - and orchestration that ensures all the pillars are attended to in a timely manner. These measures also apply to governance, such as the application of required regulations and reporting.
David Bottom
Chief Information Officer,
Securities & Exchange Commission
Brian Dennis
Principal Technologist,
Public Sector,
Akamai Technologies
Closing Thoughts:
Rob San Martin,
Vice President,
Akamai Public Sector
Event Topic
Artificial Intelligence, Cybersecurity, Zero TrustRelevant Audiences
All State and Local Government, All Federal Government, National Guard, Air Force, Coast Guard, Navy, City Government, County Government, Municipalities, State Government, Central Intelligence Agency, Department of Agriculture, Department of Commerce, Department of Defense, Department of Energy, Department of Health and Human Services, Department of Homeland Security, Department of Housing and Urban Development, Department of Interior, Department of Justice, Department of Labor, Department of State, Department of Transportation, Department of the Treasury, Environmental Protection Agency, Equal Employment Opportunity Commission, Federal Aviation Administration, Federal Communications Commission, Food and Drug Administration, Federal Emergency Management Agency, General Services Administration, Government Accountability Office, National Aeronautics and Space Administration, National Institute of Health, National Security Agency, U.S. Agency of International Development, U.S. Census Bureau, U.S. Office of Personnel Management, U.S. Postal Service, Veterans AffairsOther Agency
Office of the President (includes OMB), Other Federal Agencies, Judicial Branch Agencies, Foreign Governments/Agencies