The White House Executive Order (EO) 14028, National Security Memo 8, and the U.S. Office of Management and Budget’s Memorandum M-22-09: though they sound like alphabet soup, these three sets of directives are fundamentally changing how the federal government secures cloud services, implements zero-trust architecture, and deploys multi-factor authentication.
Almost as important as what these mandates require is when they require them: M-22-09 requires that federal agencies meet specify cybersecurity standards by the end of FY 2024.
That’s why the 13th Annual Billington CyberSecurity Summit will be such an important moment for the public sector: federal agencies must act quickly to satisfy these requirements, protect their employees, and secure their missions. The Billington CyberSecurity summit will allow government leaders to discuss what’s working, what isn’t, and the actions they must take to improve the nation’s cybersecurity.
Building a Digital Identity Program
I’ll be reviewing these issues at the Billington CyberSecurity Summit, where I’ll moderate the “Building a Digital Identity Program” breakout panel on September 8th at 10:50 A.M.
There, I’ll speak with a panel of leaders about the critical role that digital identities play in developing a zero-trust framework. I’m eager to speak with and learn from this panel of public and private sector leaders:
- George Duchak, Director of Information Operations, J6, Chief Information and Innovation Officer, U.S. Defense Logistics Agency
- Shane Barney, CISO, U.S. Citizenship & Immigration Services, Department of Homeland Security
- Jameeka Green Aaron, CISO, Auth0
- John Sahlin, Director, Cyber Solutions Defense, General Dynamics Information Technology
During the panel, we’ll discuss why identity is a critical cybersecurity component and the common features that recur in identity programs across the public and private sectors. We’ll also review the specific features and core capabilities that CISOs need to consider when developing a digital identity program that aligns with a zero-trust framework, and the best practices that can support an effective identity program.
If you’re attending the Billington CyberSecurity Summit, then I hope you’ll be able to join our breakout panel.
How FedRAMP authorization can help meet your zero-trust directives
I’ll be candid: I’ve been in government technology for more than 25 years, and I don’t think there’s ever been a time like this. The three federal mandates represent a major change in how government agencies will operate going forward.
They’re also why RSA prioritized FedRAMP authorization of the RSA Cloud services for government use. We learned so much through the FedRAMP process, including the constraints that government agencies face when it comes to sourcing an identity provider and the need for identity services that work across complex IT estates.
Today, RSA is the only identity provider to receive FedRAMP Moderate Authorization through the Joint Advisory Board Provisional Authority to Operate (JAB P-ATO) process. That authorization helps Federal agencies move faster to implement identity solutions that fulfill the EO, reduce costs, and ensure operational security.
If you’ll be attending the Billington CyberSecurity Summit, then please reach out and schedule some time to speak with me or my team about how we can help you meet the presidential mandate.