Welcome to the 11th annual cybersecurity summit is a delight to have you here. I am the founder cybersecurity and host of the summit. It is my great privilege and honor to introduce to you the two analysts and those who are opening the conference the next two days. David is the Vice President for Us Government at Amazon Web Services and the deputy cio at omb. It is my honor to introduce to you and thank you for joining us. I cannot think of a better way to begin the conference then right now. Thinks tom. Its exciting to be here with all of you. Im very excited about the conference and im thrilled about the opportunity to be with all of you. Particularly i am thrilled to be here and in a couple years the last time we ran into each other that was quite a bit of fun and were looking forward to the conversation. Changeover time as we move from the mainframe environments to networking to those local Area Networks that see the evolution of technology over the years in my experience its been a phenomenal. Id really like change and technology and ive done so much in the areas of network and engineering and operations and enterprise management. Ive been able and fortunate to do so many things along the way. Watching the change in how the government has evolved and moved right along with the technology, i feel like in many areas i was on the leading edge of a new look at the innovation curve i was always on the leadingedge of a lot of the technology. Its been really phenomenal to see the change in the evolution and even now the technology continues to see the change and the continued growth in how the governmenand how thegovernment f the technology capability. I agree it is exciting if my hair were growing it would be gray because at the time that we were portraying [inaudible] i wasnt very good at it and thankfully technology carved out a Business Career for me but ive certainly seen a change that is very exciting. Im going to turn to cyber a little bit. Cyber incidents appear to be escalating frequency. And not a day goes by without a news story about another breach or some sophisticated mechanism or new attack. What goes through your mind when you hear about a potential attack . The we talk about how everything is escalating. They are not going to stop. They are going to continue. Even through thithey been throu, we saw a huge escalation on the attacks against the federal government, against industry, you know, across the private sector. Everybody saw it. And as we look at that, there were many things we put in place across the years i and the fedel government to be able to manage that so we are blocking traffic and addressing things during all of the right things to be able to protect the federal government, its environment and certainly the data. So when you hear about the attacks, great. There were so many of them especially the last six to eight months. And thinking how the federal government operated on cybersecurity is a testament to the security around networking in its modernization over the last several years and we continue the rate over time not just cybersecurity, but everything we do around technology modernization. Cybersecurity is built in to everything and again, raising the bar in seeing that increase in maturity levels in the policies and procedures and tools that they are using to detect or defend or whatever they are working on in their organization that it continues to grow wil and will continue te that on and on even a dhs, you know, standing up im sure youve heard about the securities of service. Theres 96 agencies across the federal government and often times some of them just dont have the personnel or the funding to be able to do that and thats where the sum of these Services Come in and focus on standardizing, Vulnerability Management and some of the other activities around cybersecurity. Hearing about the attack, we are handling those or mitigating those and they are prepared for those certainly again, what we have seen through the pandemic over the last six to eight months in the big escalation and attack and all the work that we have done has prepared us for this. From the industry perspective they have seen leaders like you and others across the government come together to tackle cybersecurity as a major issue and so it is exciting to see that there is so much collaboration and sharing. I also seem the executive branch and the legislative branch and sure there is Adequate Funding and of course in your role you played a big part of helping to make sure that happens. However, budgets could be threatened now due to other priorities. What do you think we need to do to makes sure cybersecurity remained a priority within the agencies and the leadership doesnt get fatigued or complacent with all of the discussion around the front . I talked about the federal government continuing the race and i think this comes in many forms. People talk about the hard outer shell and those days are gone and cybersecurity is being built into everything. The federal government has moved into this model. Security is built into everything that its doing and i think that is incredibly important because when you look at the president s management agenda, cybersecurity is built into everything we are doing and even recently around the supplychain. We had a conversation this morning talking about that part of it could supplychain and risk to the federal government and how that will be addressed from the budgeting standpoint to your question and that work is going to continue to. And we get our arms not just around the supplychain ecosystem that is cybersecurity. Again it is built into everything we are doing. It isnt just one thing. Its the response from its mitigation, its training people to understand phishing attacks and the training that goes with it. The budget has to support everything we are doing as they are modernizing the system. Its building it throughout the Organization Even if we are moving into things like zero trust networks and taking advantage of the technologies to build in the cybersecurity capabilities. How do you make sure you have the resources you need and when you need them . Security is being built into everything now. Its the kind of go to models to how do you make sure you have the resources they need when you need them . As the cio look at their organizations, they have to make sure they have the resources and they are appropriately funded to have what they need first and foremost it is about the people and the tools and processes around it and they have to continue to keep cybersecurity front and center because even as we have a federal data strategy, we have to protect our data. Cybersecurity when i talk about it through the ecosystem it is throughout the entire Technology Stack and when you are looking at the work force and making sure you have the resources, from the omb perspective and policy perspective, making sure that the resources are available and how we help agencies meet those needs to address all of the cybersecurity threats that are out there. Totally agree. We are out here in an industry building things and trying new. Some of these emerging and future technologies we hope to bring to bear in the government, but what do you see in the emerging and future technologies that we have to worry the most about on a security perspective . Across the federal government, weve got this modernization we have to have sustained longterm modernization across the federal government. Your question is asking about leaving future technologies. I have a long run on the modernization to keep things going, yet we have emerging technologies and a lot of discussions on quantum computing, for instance. And the impact that its going to have on encryption. Is the federal government prepared to support the next ten years with quantum computing and potentially breaking current encryption methodology. We have to be prepared for that so that even as we are modernizing some of the old legacy systems, we have to make sure the current systems as well are keeping up and that we are ready and planning ahead so that as technology falls, we are there and we are not opening ourselves up to those security vulnerabilities. Again even those things we have invested in and the infrastructures and the zero trust networks and the flexibility and scalability that gives the ability to configure the platform for the usable services and the technologies are emerging and can take advantage of that as we move forward in our modernization sure the. We talked a little bit about the work force and demanded talent a little bit. One of the best lines of defense is the work force. It might be the best line of defense. But what are you thinking about and what are you doing to ensure that they have the tools, training available to prevent, mitigate from cyber attack . Across the federal government, not a more granular level of a lot of the agencies continue to train how you are going to react during these phishing attack exercises so it isnt blocking whatever may be coming in on the spam but having the workforce being able to recognize that. Just as important as the workforce, we think about technology. But that workforce thats using any of our solutions, they have to understand these skills and the technology into the skilled in favor of where it recognized the phishing attempts as they are coming in. What is the potential scam coming in. That isnt going to stop and we have to make sure that over workforce keep their skills relevant as the defaults. Its important and it doesnt just phishing and scams but also recognizing social media not just in the government and work life but also in their personal life because they could be targeted through social media and elsewhere just because of their government job. They could be targeted so we need to make sure we continue to train that workforce. I would make the point that the council is investing in the it workforce and we graduated about 50 people from the federal Cyber Academy last year so they are continuing on the training and even when that training people in data science and cybersecurity components built into all of that, making sure they are training just the it workforce but the broad federal workforce and what continues to come at us. Thats great to hear. Are you more worried about the inside for work threats from [inaudible] ive seen both fruits through covid where the folks intentionally or unintentionally shared information and they take a picture of the screen into the next thing you know they share it on social media. I have seen that happen through covid. You can see on the screen shot somebody to go to their camera. This is distribute it on social media. It is a problem. We need to continue to educate the workforce. By the same virtue we have that external threat as well and we talked about that a few minutes ago. I think we have to be vigilant on the inside and external threat. Often times the best line of defense against Cyber Threats is the workforce. I said this a minute ago it needs to be part of the solution around the cybersecurity whether it is phishing or scams or social media or when they see an hnc misused i saw that for services the government was offering. There were other people creating social media accounts whether it was on twitter or facebook and they were trying to confuse the federal government customers. This is where every federal government needs to be aware that if they see something they say thats not right we are not doing that at our agency and raise the flag to say i saw this account and i think it is fake into the Workforce Needs to be aware of that and if it comes back to being aware on cybersecurity and paying attention to those things. Aware and vigilant. I really appreciate the time today. We thank you for your service and all the you are doing and all the Technology Community across the federal government. We appreciate everything you are doing and are very supportive and looking forward to getting through this pandemic and hopefully we will all be together again solving problems and look forward to that day billington cybersecurity said david summit. This runs 20 minutes. Good morning
vimarsana.com © 2020. All Rights Reserved.