The purpose of this session is to highlight the use of cyber risk frameworks within the government marketspace, as well as how they can and have been successfully leveraged. This can enhance an agency's cyber security posture and risk awareness while supporting and enabling an organization's missions, goals, and objectives.

Even as state government Chief Information Security Officers (CISOs) have increased their access t o and communications with top leaders, the top three issues impacting states' cybersecurity remain the from past surveys - budget, talent, and increasing cyber threats. These findings from the 2018 Deloitte-NASCIO Cybersecurity Study, based on input from all 50 states, are a call for bold action to disrupt the status quo. Attend this session for a discussion on actionable steps government CISOs can take around teaming with the private sector and higher education, being an enabler of innovation - not a barrier, and advocating for dedicated cybersecurity program funding.

Digital transformation is accelerating the adoption of outsourced services and the utilization of extended and complex supply chains. Organizations have recognized that these complex supply chains can easily be the most difficult threat vector to manage. This panel will examine the state of supply chain utilization by public sector organizations, risks, and best practices for supply chain risk management.

Smarter Cities and Counties are working to leverage IoT and data analytics technologies to improve city efficiencies, make better decisions, and respond more rapidly to incidents. A key component of a Smarter City strategy is to protect these new technologies from compromise.  As cities deploy more network-attached resources to the field, the chance of cyber intrusion increases. The need for automated cybersecurity monitoring and automated response becomes a critical component of the strategy.

Federal, state, local, and international governments are faced with multiple competing priorities related to regulatory compliance. In this digital age, in order to stay ahead of the compliance challenges, agencies need to transform their business operating models to better manage, prioritize, and report on risk across their enterprise. Learn what experts are doing to address their compliance challenges and transform how they do business today.  

Ever-expanding government-managed, digital platforms create an evolving modern attack surface that can result in an intensifying cyber exposure gap in the face of escalating threats from nation-state actors and other adversaries. Our panel will discuss current and future approaches to the protection of IT networks, as well as critical infrastructure from these cyber threats in a progressively connected world.

Quantifying cyber risk is foundational to managing cyber risk. This panel will look at the challenges to quantifying cyber risk, methodologies, and best practices used, as well as how organizations leverage cyber risk quantification to prioritize risk mitigation efforts.

The CISO panel discussion will consist of a thoughtful discussion between federal, state, and local government CISO’s relative to challenges, threats, and opportunities. The panel will also highlight initiatives they’ve undertaken to improve cybersecurity capabilities, organizational resiliency, and a deeper organizational understanding of risk.

Learn from NIST representatives about the NIST Privacy Framework: A Tool for Enterprise Risk Management. NIST leadership will hold a panel discussion on development of the framework to date, tackling topics such as: the stakeholder engagement process since kick-off of this effort, the comments received on NIST’s Request for Information (issued 11/13/18), and the draft annotated outline of the framework. Attendees will learn how this framework could support their privacy risk management efforts, and will have an opportunity to ask questions.