Contextualizing Modern Cyber Risks (and how to mitigate them)

[…]

You’ve likely heard of Federal SaaS regulations like the Federal Risk and Authorization Management Program (FedRAMP), as well as laws such as the Federal Information Security Modernization Act (FISMA) and the Health Insurance Portability and Accountability Act (HIPAA).

Hear from Federal leaders; SaaS and compliance organization, Aquia; and cyber asset management leader, Axonius, to learn how to ensure that all SaaS applications meet these regulations and compliance requirements, as well as monitor usage and costs to optimize performance and efficiency.

[…]

M-21-31 is a clear directive for Federal agencies to advance logging capabilities, including log retention and management, “with a focus on ensuring centralized access and visibility for the highest-level enterprise security operations center (SOC) of each agency.”

Managing logs well requires great observability and to achieve that, an agency first needs visibility. That’s an issue when security information and event management systems can’t track unknown data on the network.

Listen into this chat with government leaders from the Department of Homeland Security, the Continuous Diagnostics and Mitigation program, as well as from Defend Integrators, on how they approach this challenge and what they’ve learned along the way.

[…]

The CISA Strategy – What It Means in 2023

In late 2022, CISA released its first strategic plan, outlining a unified approach to ensuring secure and resilient critical infrastructure for the American people. Hear about the four goals in the multi-year strategic plan, including:

• Spearheading a national effort to ensure the defense and resilience of cyberspace
• Reducing risks and strengthening the resilience of America’s critical infrastructure
• Strengthening operational collaboration of information sharing
• Unifying through integrated functions, capabilities, and workforce

[…]