In alignment with the Cloud Smart Initiative, Centers for Medicare & Medicaid Services (CMS) has developed a Cloud Security and Privacy Handbook. This document was created to provide System Owners, Business Owners, Cloud Service Providers (CSPs), ISSOs and other stakeholders guidance and procedures to facilitate cloud services authorization requirements for CMS and Federal Risk and Authorization Management Program (FedRAMP). The Cloud Handbook tells the story from a privacy and security perspective and supports controls defined in the CMS IS2P2 and the CMS ARS and the CMS Risk Management Handbook (RMH) Series applicable to cloud environments. At CyberWorks, stakeholders will get their first look inside the handbook as we work to create transparency across the agency on cloud services.
You're a CIO, CISO or IT Security Manager - and you've been woken up in the middle of the night with a call from your Data Privacy Officer. Personal data held by your organization is available for purchase on the dark web. This disclosure puts the privacy of your customers or employees at risk. What do you do next? Join this session to go through a breach investigation and response scenario addressing the challenges of complying with GDPR, which went into effect in 2018. You'll hear from a former CISO who was responsible in a previous role for HIPAA compliance, and for managing financial data in compliance with the data protection laws of 20+ countries.
Healthcare IT systems continue to be a primary target for hackers with an ever-growing spectrum of cyber threats including ransomware and mobile malware. To be vigilant in protecting patient data, CMS Business Owners, with support from CMS OIT, need to refine strategies to develop a security-aware culture, build security and privacy requirements into applications, and implement security automation through programs like CDM. The CMS CDM program combines all the CMS continuous monitoring and DHS CDM-provided capabilities to support ongoing risk management. Hear more about this effort from the CMS CDM Lead.
This presentation will walk attendees down the path of where did we come from, how did we get here, and what the devil do we do now, regarding data location, segmentation, protection, and regulatory compliance issues. Through the use of a slide presentation containing graphics, statistics, a comprehensive procedural roadmap, and surprises, those attending will walk away with a keener and more usable set of data points that can be utilized, with confidence, as they assess, design, and traverse their own paths to data organization and mitigation of data vulnerability.
User Behavior Analytics (UBA) has been a buzzword in the cybersecurity industry for over three years. Depending on who you talk to in the industry, you will hear many fascinating tales on how machine learning is the "easy button" or the "one stop show for detecting insider threats".
The first step in gaining security insights with Splunk UBA is to set the proper expectations. In this presentation, we will take a look at what types of detections Splunk's UBA product can accomplish, how the solution works, and the steps to take for a proper installation and integration into your Splunk Security Posture.
This presentation will also cover the required data sources for a proper UBA deployment, an overview of how user and device baselining is accomplished, and the timeframe associated with a proper installation.
The presentation will answer the audience's questions on the differences between supervised and unsupervised machine learning. It will also talk about how UBA should be a part of a layered defense and work hand-in-hand with Enterprise Security to bridge the gaps between known and unknown/insider threats.
Participants will understand how the POA&M facilitates a disciplined and structured approach to tracking risk mitigation activities. There will be interactive segments where participants will learn how to describe the current disposition of any discovered vulnerabilities and system findings, and how to include corrective actions for those findings.
Federal High Value Asset (HVA) definitions have recently been updated in the Dec 2018 OMB memo, M-19-03. Our HVAs often contain the PII and PHI that online criminals primarily target for identity theft and fraud. The proposed 45-minute talk will provide an overview of the new HVA language and the security and privacy practices recommended to build trustworthy systems from inception to decommission. Real-world examples will bring theory to life with HVA challenges and successes from both a toolset and process perspective, underscored in the HiGLAS Splunk Deployment and NCI's Cancer Moonshot Clinical Trials application development projects. Appropriate for all technical levels.
A Framework for the Modern Security Operations Center
Security architectures typically involve many layers of tools and products that are not designed to work together, leaving gaps in how security teams bridge multiple domains to coordinate defense. The Splunk Adaptive Operations Framework addresses these gaps by connecting security products and technologies from our partners with Splunk security solutions including Splunk Enterprise Security (ES) and Splunk Phantom. Build a modern security operations center by using the Splunk Adaptive Operations Framework to:
• Ingest structured or unstructured data from any source
• Drive collaborative decisions supported by rich analytics
• Perform orchestrated actions across a comprehensive range of technologies in the SOC
Detect, Investigate and Act on Security Events
With an open ecosystem consisting of more than 240 integrations and 1,200 APIs across all security domains, the Splunk Adaptive Operations Framework (AOF) brings together ecosystems previously known as the Splunk Adaptive Response Initiative and the Phantom Community. Because the Splunk AOF is designed for heterogeneous security architectures, customers can use it to improve cyber defense and security operations and to achieve a security nerve center. Participating partners can benefit from the Splunk AOF by building and expanding integrations with members of the Splunk AOF community to address customer needs.
Ms. Tina Williams-Koroma
This talk addresses a range of topics related to risk-based planning and implementation for organizational cybersecurity, looking at both internal and external threats. Identifying critical assets and prioritizing their protection involves questions of law, policy, and risk tolerance. The talk covers systems development and management processes, exploring risk mitigation solutions through policies, best practices, operational procedures, and legal regulations. We highlight challenges unique to protection of sensitive personal and healthcare information. We explore insider threat from a cyber perspective, including historical forms of sabotage and espionage. We discuss national and international policy and legal considerations related to cybersecurity and the organizations involved in the formulation of such laws and policies. Finally, we will explore the emerging opportunities and risks associated with the major technology trends of Cloud, Data Analytics, and Artificial Intelligence.