AgendaSafeNet AT 2019 Cipher Summit

SafeNet AT’s tech gurus will share their wealth of product knowledge with attendees throughout the day. Each station will feature demonstrations of our latest and greatest solutions. The gurus will also be on standby to answer product questions.

Encrypting sensitive data is a fundamental part of any cyber security strategy. However, the cryptographic keys used to encrypt and decrypt data are often overlooked. Cryptographic keys are the keys to the kingdom. Large volumes of encrypted data yield copious amounts of cryptographic keys which need to be managed, stored, and secured. If these keys are compromised, attackers can gain access to encrypted information. Data is only as secure as the system managing the keys that protect it.

This session will discuss the best practices for protecting cryptographic keys. Attendees will learn how to:

• Mitigate the insider threat
• Meet compliance and audit mandates
• Protect intellectual property in multi-tenant environments
• Secure data located in disaster recovery sites
• Protect data against physical theft of disk drives

Being breached is not a question of 'if' but 'when', therefore best practice data protection means ensuring data is effectively useless when it falls into unauthorized hands. Technologies have enabled more powerful data collection, analysis and sharing capabilities than ever before. The greater the aggregation of data, the more valuable it becomes, making Big Data increasingly attractive to cybercriminals. Technologies which produce Big Data lead to 'big' data networks, 'big' Cloud computing and 'big' datacenter services - all of which expose organizations to even 'bigger' threats including data theft, cyber-crime and malicious cyberattacks.

Threats to data are not limited to fraud, theft and harm arising from breaches of privacy, but include the risks to data integrity and its serious consequences. There is also the risk of data being transmitted to an unintended location. Whether transmitted in error due to a device error, human error, or a deliberate act, the risks to privacy and integrity exist. The need to protect data in motion from cyber threats has also increased exponentially as data network usage grows, the data transmitted becomes increasingly valuable and bandwidth demands increase. The moment data is being transmitted to another location - control is lost and it's at risk! The effective encryption of data in motion does not attempt to prevent cybercriminals accessing the data network. Its critical benefit lies in the fact that it protects the data! The optimal assurance is that the data itself is of no value to unauthorized parties.

This session will discuss the latest network encryption technology and best practices for network security. The speaker will address topics such as:

• Benefits of Layer 2 encryption
• Securing mega data transmissions
• Implementing virtualized network encryption to secure SD WANS
• Protecting communication against the quantum threat

Attending to the Unattended - RPA

Cryptographic Authentication U.S. Federal agencies often require the use of Public Key Infrastructure (PKI) authentication based on smart cards, generally Common Access Card (CAC) or Personal Identity Verification (PIV) cards, to access certificate-enabled applications. This requires a user to physically insert a smart card into a card reader and enter a pin to complete a cryptographic challenge/response.

Traditional multi-factor authentication introduces roadblocks to technologies like RPA. The Office of Management and Budget Memo M-19-17 outlines a policy that requires management of digital identities of devices, non-person entities and automated technologies such as RPA. RPA bots are now required to have individual digital identities and credentials that are managed in the same fashion as user identities. Essentially, bots need the ability to perform a "smart card login" for authentication to operate in production systems. Although unattended RPA bots cannot be issued a traditional smart card, they can utilize smart card login capabilities through the use of a centralized, hardware security module-based authentication system.

This session will discuss how Federal agencies can securely utilize RPA to increase efficiency and enhance the experience across back-office and front-office operations:

• Benefits of RPA
• RPA cryptographic authentication
• DoD Implementation Use Case

SafeNet AT’s tech gurus will share their wealth of product knowledge with attendees throughout the day. Each station will feature demonstrations of our latest and greatest solutions. The gurus will also be on standby to answer product questions.

Buzzword tracking can be overwhelming. From AI to Quantum, it can be challenging for federal agencies to stay on top of the latest trends and understand if and how they can be applied to existing and future cyber security strategies. This panel session will address hot trends in IT. Panelists will share their insight into what these trends mean for agencies.

Topic to be addressed include:

• Quantum Preparedness
• Key Management
• Encryption
• Edge Computing

SafeNet AT’s tech gurus will share their wealth of product knowledge with attendees throughout the day. Each station will feature demonstrations of our latest and greatest solutions. The gurus will also be on standby to answer product questions.

IT solutions require protection, detection and recovery throughout its lifecycle HPE and SafeNet AT provide these essentials across our solution portfolios from the edge/tactical, traditional, compute, storage and networking - composable and hybrid IT cloud.

America today is a "connected" society. In all aspects of our daily lives we've become dependent and rely greatly on our ability to collaborate and communicate. The need for highly mobile and interoperable communications is critical to the maneuverability of our military and first responders in environments that rarely conform to traditional IT requirements. This means that today's operator needs their data and information at the edge of the battlespace or disaster and cannot always depend on reach-back capability. Having a man-portable system that can operate reliably anywhere is the solution. For the past 28 years, Klas Telecom has been focused on reducing the footprint of the equipment that must be carried into the field to operate. Gone are the days of palletized equipment. The Voyager system is a modular and small form-factor tactical communications system that fits in an airline carry-on-size rollaway case. It enables rapid insertion of commercial technology for the austere environment. Voyager is a first-to-market in a range of tactical communication technology areas including route, switch, compute, storage, and cellular that can function in any operational environment.

This session will address how Klas Telecom Government has revolutionized the ability to securely gather, process and disseminate information at the tactical edge.

With the publication of the OMB memorandum M-19-17, the expectation has been set that strong authentication for access to federal information systems is to be significantly extended over the next two years.

The original smart card approach to PIV established the core tenet of using cryptographically secure methods of authentication for connection to government data and resources. However, due to a number of technological incompatibilities, this ideal has been far from universal in its application.

The changing landscape regarding smartphone usage was addressed through SP800-157 defining the concept of mobile derived PIV credentials. These are slowly being deployed and are deliverable today through management solutions from a few credential management vendors.

The broader issue addressed by the OMB however is that of universality of access from a very broad range of user devices. This is to be achieved through the use of different form factors and credential types - USB keys and FIDO credentials for example.

There is clearly a compelling case for diversification of authentication form factors, but with that significant expansion of deployed devices comes an imperative to deliver a single point of administration, so that we address the risk of 'rogue' authenticators being left active despite their owners no longer being eligible for access.

This presentation examines the issues and describes how Intercede's MyID provides practical solutions to these problems.

SafeNet AT’s tech gurus will share their wealth of product knowledge with attendees throughout the day. Each station will feature demonstrations of our latest and greatest solutions. The gurus will also be on standby to answer product questions.

How will the future of cyber security continue to evolve? Innovators are constantly developing new solutions to address tomorrow's quandaries. Our adversaries will continue to stop at nothing to breach our national security. With the rapid adoption of cloud, IoT, and digital transformation, how can we continue to protect what we have today and beyond to accommodate for these disruptive technologies. This session will address future challenges affecting the cyber security landscape and new solutions being developed to improve efficiencies and mitigate impending risks.

High speed networks are the critical foundation that supports many of an agency's most vital communications and operations. However, this foundation is at risk of surveillance and attack by increasingly sophisticated cyber criminals and well-funded nation states. These network connections, if unprotected, are proving to be highly vulnerable, leaving sensitive assets exposed. Threats such as shared infrastructure exposure, man-in-the-middle attacks, and metadata exposure leave agencies susceptible to a range of devastating repercussions.

So, what is the best way to protect network traffic? Encrypt everywhere-between data centers and headquarters to backup and disaster recovery sites, whether on premises or in the cloud.

This session will discuss high speed network encryption best practices. Attendees will learn how to efficiently and effectively protect their network traffic in order to safeguard it from threats.