SecureWorld Government Virtual Conference 2023

Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

Financial service firms have a responsibility to provide fool-proof security to instill faith in customers, and send a strong message that combating threats is a prime objective. They cannot afford to be complacent, especially when the majority of information produced or utilized in financial services is private and sensitive, not to mention highly regulated. All this adds up to make cybersecurity vital to business.

Building sustainable ongoing security starts with all-inclusive optics into the sensitivity of data and automated organization-wide control of it. Organizations can assemble all this with multiple solutions, but doing so is time-consuming, expensive, and can be fraught with integration woes.

There’s a better way. This session takes a deep dive into reducing complexity in sensitive and private data protection, including:

• How to dig deep across the enterprise into every place sensitive data may be stored, from data lakes to endpoint devices
• The benefit of automatic policy-specific remediation, including masking, redaction, deletion, and encryption
• How to scale data protection and compliance as data volumes increase

Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

The past year alone has revealed major vulnerabilities in critical infrastructure systems that resulted in immediate action to be taken by the White House. If there’s one lesson to be learned from the Colonial Pipeline attack and similar recent attacks such as the SolarWinds breach, it’s that companies must do everything they can to protect their critical infrastructure, environments, and networks.

Within the last year, nearly half of organizations were victims of a cyberattack that was caused by a third-party vendor. The effectiveness of hackers using third parties to infiltrate internal networks is still seen in attacks on critical infrastructure systems like water plants and gas pipelines. The only way to really know the threats emerging from sophisticated and advanced hacking methods is by assessing all points of vulnerability.

In this presentation, learn how government organizations can take action and put the right protocols in place to protect specifically against third-party breaches and provide actionable best practices using real life examples. With 54% of organizations not monitoring the security and privacy practices of third parties that they share sensitive or confidential information with on an ongoing basis, we will touch on why these organizations are so susceptible to attacks in the first place and the underlying issues when it comes to government entities using external vendors.

Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

State, Local, Tribal and Territorial (SLTT) governments face the threat of continuous cyber-attacks from numerous groups with different intentions to disrupt their ability to provide services and support to citizens. Citizens trust an rely on their governments to provide and maintain services that they rely on for essential life sustainment and emergencies. In recent decades research and investments in technology to enhance methods, solutions, and equipment have improved service delivery and emergency response operations provided by governments.
SLTTs have adopted and embraced advanced technology solutions that increased and improved their capabilities to provide essential and emergency services to their citizens. The effective management and security of these critical services are under constant scrutiny, and even the smallest system failure may be unacceptable to citizens and erode their trust in government. Several studies have shown that cybersecurity programs at the SLTT level receive varying support to ensure security and reduce the risk of compromise. How can budget constrained, understaffed, and low skilled employees of SLTTs establish, maintain and protect the security of their critical information (CI) systems reducing risk and avoiding failures due to cyber-attack? Security professionals, Chief Information Officers (CIO) and Chief Information Security Officers (CISO) are often placed in frustrating positions that limit their options to reduce risk because they are resource constrained. Implementing cybersecurity and risk frameworks that offer foundations to build stakeholder awareness, increase funding, establish needed enforcement authorities can identify gaps, reduce frustration and boost confidence in programs. Combining these basic frameworks with continuous improvement through leadership, information sharing, and partnership building has proven successful in industry cybersecurity programs and can work in SLTTs.

Measuring one’s cybersecurity framework against others in the same industry, or even outside of their vertical, can provide valuable insights into areas to improve or adjust.

Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

Key take-away: 
How to rethink database security controls in a cloud-first world.

For most organizations, data repositories hold our most sensitive, mission critical assets. As enterprises continue their digital transformation journeys, data repositories and the sensitive assets within are more exposed than ever before for several reasons, including a dramatic rise in the:

• Amount of data created, collected, and stored
• Number of repositories storing sensitive data across clouds
• Number of users and applications that need access to data

Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

When a data breach or other cyber incident happens, having a plan in place can mean the difference between a quick recovery and unwanted headlines and irreparable harm to stakeholder trust.

Key Take-away:
How to navigate the establishment of a TPRM program for FinTechs and Startups with simplicity.

You have a great idea, you pitch it and the investors love it, you received your first (or second) round of funding, but now you are left stumped. A sponsor is asking you how are you managing the risk of your third parties. You think, I don’t have any “third parties” then you remember your cloud service provider, you connected APIs, the applications your employees (hopefully) installed via legitimate channels, the open-source software used in the development, and all the unknowns. You are left thinking you may have just opened Pandora’s box. How do you navigate this process, now, tomorrow, and into the future?

Presentation Level:
GENERAL (InfoSec best practices, trends, solutions, etc.)