CyberCast

CyberCast, along with GovCast and HealthCast, will now be published in the GovCIO Media & Research Podcasts feed. Subscribe and listen today on the podcast platform of your choice.

The Department of Education is kicking off the second phase of its zero trust strategy by focusing on security orchestration and automation response to stay ahead of the evolving threat landscape.

Education CISO Steven Hernandez discusses how the agency is tailoring its cyber tools and technologies by automating manual processes and leveraging identity, access and credential management (ICAM) solutions to improve the user experience and further zero trust.

Federal agencies are modernizing their cybersecurity strategies as threats continue to evolve. Faced with the National Cybersecurity Strategy, zero-trust implementation and recruiting a cyber workforce, agencies are primed for a busy 2024 in cyber and IT.

Managing Editor Ross Gianfortune and Staff Writer/Researchers Nikki Henderson Whitfield and Jordan McDonald break down some of the biggest developments ahead for federal IT and cyber leaders.

Featured episodes include:

• 7:05: The National Cyber Strategy https://governmentciomedia.com/listen-open-source-software-national-security-priority

• 10:28 The 6 Core Principles Vital to Building a Robust Culture of Cyber Readiness https://governmentciomedia.com/listen-6-core-principles-vital-building-robust-culture-cyber-readiness

• 16:33 How the Pentagon Plans to Fill 30,000 Open Cyber Positions https://governmentciomedia.com/live-afcea-technet-cyber-how-pentagon-plans-fill-30000-open-cyber-positions

• 21:34 National Cyber Strategy Supports a More Resilient Water System https://governmentciomedia.com/listen-national-cyber-strategy-supports-more-resilient-water-system

• 17:15: FEMA is Leveraging AI to Secure Networks https://governmentciomedia.com/listen-fema-leveraging-ai-secure-networks

This episode is sponsored by Zscaler.

The White House released its National Cybersecurity Strategy in March and is ending the year with the first permanent National Cyber Director in nearly a year. On CyberCast, we covered it all.

Take a listen back to some of the highlighted interviews with federal IT leaders, officials and experts this year as CyberCast traveled to Hawaii, California and Maryland. Our team interviewed leaders from agencies including the Federal Emergency Management Agency, the Cybersecurity Infrastructure Security Agency, the Department of Veterans Affairs and the Environmental Protection Agency.

On this year-end episode of CyberCast, Managing Editor Ross Gianfortune, and Staff Writer/Researchers Jayla Whitfield and Jordan McDonald reflect on the most memorable episodes and cybersecurity topics of 2023.

Featured episodes include:

• 1:45: The National Cyber Strategy https://governmentciomedia.com/listen-open-source-software-national-security-priority

• 7:00 Where the White House Wants Agencies to Prioritize Cybersecurity Investments https://governmentciomedia.com/listen-where-white-house-wants-agencies-prioritize-cybersecurity-investments

• 12:45 How the Pentagon Plans to Fill 30,000 Open Cyber Positions https://governmentciomedia.com/live-afcea-technet-cyber-how-pentagon-plans-fill-30000-open-cyber-positions

• 17:15: The White House Wants to Fix the Cybersecurity Workforce https://governmentciomedia.com/listen-white-house-wants-fix-cybersecurity-workforce

This episode we're diving into zero trust at the Defense Department. Specifically, how that is playing out for the Indo-Pacific region.

We recently had the opportunity to connect with several leaders at the AFCEA TechNet Indo-Pacific conference in Honolulu where they shared with us how they're thinking about this quickly changing landscape and what it means for cybersecurity. This includes an update on DOD's review of submitted zero trust implementation plans, and also a peek at some of those plans at the Air Force and Indopacom. 

Featured interviews include:

Randy Resnick, Director, Zero Trust Portfolio Management Office, DOD. https://governmentciomedia.com/dod-zero-trust-chief-were-start-multi-phased-journey

Justin Stolpman, Director, Zero Trust Functional Management Office, Air Force. https://www.governmentciomedia.com/air-force-eyes-next-gen-gateways-amid-zero-trust-plan

Paul Nicholson, Deputy CIO and Executive Director of Coalition Communications, Indopacom. https://governmentciomedia.com/look-zero-trust-theater-indopacom

FEMA is developing prototypes for AI use cases in cybersecurity implementation amid a White House artificial intelligence executive order that directs agencies to establish and maintain standards for safety and security of the technology.

FEMA CISO Gregory Edwards discusses how the rapid pace of AI innovation is spurring partnerships across federal agencies to work together to leverage best practices for their missions.

He also provides an update on the agency’s zero trust journey, how his office is anticipating future of cybersecurity needs and how he’s balancing that with modernization initiatives.

The Environmental Protection Agency is honing in on multiple pillars from the National Cybersecurity Strategy to secure critical infrastructure at its water and waste-water operations.

The agency deems water security to be national security and is an area that needs critical attention. Efforts are underway to increase cyber awareness in the water sector and ensure systems remain resilient.

EPA cybersecurity leaders Douglas Vick and David Travers break down what the threat is to the nation's water systems and how two programs are helping mitigate risks and ensure water services operate without disruption. Additionally, the officials highlight some of the new tools that are helping the agency boost overall cyber resiliency across its workforce.

The U.S. Digital Corps is bringing innovation to government by placing early-career technologists at agencies. Operated by the General Services Administration (GSA) Technology Transformation Services (TTS), the Corps’ fellowship program gives individuals the chance to work on critical issues at the intersection of technology and public service.

Digital Corps fellow Brittney Wright is on the cybersecurity track,  assigned to the National Institutes of Health (NIH). Wright is passionate about cybersecurity and said she wants to provide hope to others that are looking to pivot into the field. She discussed her journey to cybersecurity and the ongoing talent gap that the government faces.

Bad actors accessing sensitive government data through vulnerable weak points is an ongoing concern for federal IT officials, who are making securing data a top priority amid digital modernization. Challenges in data security arise when you need to balance it with efficient data access while keeping threat actors out.

In this episode, we break down some of the best practices in this area and feature insights from federal leaders at the departments of Veterans Affairs and Defense.

Cited officials include:

Army Cyber Command’s Lt. Gen. Maria Barrett (https://governmentciomedia.com/live-afcea-technet-cyber-army-cyber-command-tackles-emerging-trends-cyber-workforce )
DOD Principal Director for Cybersecurity Mark Hakun  (https://governmentciomedia.com/listen-dods-portfolio-management-office-accelerates-adoption-zero-trust )
VA Deputy CISO Jeff Spaeth (https://governmentciomedia.com/listen-look-inside-vas-zero-trust-first-cybersecurity-approach )

This episode is sponsored by Cohesity.

The U.S. Digital Corps is bringing innovation to agencies through early-career technologists. Operated by the General Services Administration (GSA) Technology Transformation Services (TTS), the Corps’ fellowship program gives individuals the ability to find themselves working on critical issues at the intersection of technology and public service.

Digital Corps fellow Jamila Crawford on the cybersecurity track in the program is assigned to the Cybersecurity & Infrastructure Security Agency (CISA). She discusses her work at CISA’s Shared Services Division, her career and cybersecurity priorities in government.

JCDC Partnerships International, which sits within CISA’s cybersecurity division, works with 150 partners worldwide with the goal of sharing and exchanging critical information allowing the U.S. to respond to cyber threats faster, protect the country’s critical infrastructure more effectively and relay that information to its international counterparts to do the same.

Patricia Soler, Section Chief for JCDC Partnerships International at CISA, discusses the mechanisms that a fast-growing organization like CISA needs to have in place to process large volumes of information that can be shared with public and private sectors and its international partners. She also talks about CISA’s ransomware notifications that alert organizations of a ransomware attack before the damage occurs.

The Department of Veterans Affairs is amid a cybersecurity modernization plan to put identity management and zero trust at the forefront of the biggest security threats facing technology teams.

Jeff Spaeth, deputy CISO and executive director of information security operations at VA, is a bit of a boomerang. A veteran himself and longstanding cybersecurity professional, he returns to VA under a new cybersecurity modernization strategy. Spaeth discusses what this “Zero Trust First” strategy looks like, the key tools the agency employs to stay ahead of threats and where he sees emerging technologies impacting the space most.

This episode is sponsored by CyberArk.

In its recently released National Intelligence Strategy, the Office of the Director of National Intelligence outlines the strategic direction for the Intelligence Community (IC) over the next four years. In it, Director of National Intelligence Avril Haines notes the dramatically changing environment in which the IC operates, including the IT environment. Innovation, information sharing and cyber workforce development are points of emphasis in the document, which reflects the input of officials from each of the 18 elements making up the IC.

The White House recently released it National Cyber Workforce and Education Strategy to enhance and unleash America's cyber talent. The plan addresses the workforce needs in the public and private sectors by introducing cybersecurity concepts throughout all levels of education. The document proposes making advanced occupational training in cyber more accessible and affordable. Agencies and industry partners have signed onto the document, which builds on longstanding White House workforce goals.

Staff Writer Anastasia Obis and Managing Editor Ross Gianfortune discuss the document's points of emphasis, its goals and the cybersecurity workforce challenges which the White House looks to address with the plan.

Military cyber leaders repeatedly say zero trust is critical, essential and integral to the Defense Department's Joint All-Domain Command-and-Control (JADC2) concept. A zero trust approach to cybersecurity helps organizations improve data security, manage users on the network and facilitate data interoperability, all key components of JADC2. Enjoy this preview of our upcoming GovFocus, “Zero Trust Enabling the Future Joint Force,” featuring leaders from U.S. Navy and industry. Register to watch at https://governmentciomedia.com/govfocus/zero-trust-enabling-future-joint-force

The Office of Management and Budget along with the Office of the National Cyber Director released a memo laying out cybersecurity investment areas that agencies will have to include as they make their budgetary decisions for the next fiscal year. We break down those investment areas, how it ties to the recently released National Cybersecurity Strategy and what to expect in the coming months.

Emerging technologies are proving to be very beneficial to the National Oceanic Atmospheric Administration when it comes to climate modeling, behavior analytics and its overall mission. Not only has automation technologies played a key role in NOAA's weather forecasting and environmental monitoring, but also machine learning has been a huge help in the areas of threat detection and vulnerability assessment. Longstanding cyber leader Chi Kang, deputy director for operations in NOAA's Cyber Security Division, highlights some of NOAA's cyber modernization goals for this year including how the agency is working to attract the best cyber talent and moving closer toward a zero-trust architecture.

Since 2018, the Department of Veterans Affairs has been on a journey to the cloud to streamline operations, drive down expenses, better protect data and improve business operations. The agency’s Deputy Director of Infrastructure Operations Kendall Krebs explains how VA is looking to not only use cloud to improve the speed and quality of its application development, but also secure this digital environment — leveraging platforms like VA Platform One (VAPO) to speed authority to operate and trim application deployment cycles. Throughout this journey, culture change is key. Krebs dives into next steps and latest updates.

The Marine Corps is on track to being one of the most distributed forces ever with significant command, control, communications, intelligence and cyber capabilities. A unified network with modernized network equipment is critical to operating in this environment. Cyber Technology Officer Shery Thomas discusses the Marine Crops’ efforts to combine networks with multiple classification levels into a single enterprise, how the service plans to better secure its systems and bring those capabilities to the edge.

The ultimate goal of the Army’s recently established Zero Trust Functional Management Office is to have a secure unified network that is defended by a fully implemented zero trust framework that will enable multi-domain operations and accomplish the Army’s missions. Col. Michael Smith, director of this office, details next steps for zero trust implementation across the enterprise to get to the goal of full zero trust adoption for the Army by 2027.