8:00 am – 4:30 pm followed by the networking reception in the Expo Hall
The public sector – it’s more than the government. Our way of life is organized, delivered, and made possible by countless publicly controlled or publicly funded agencies, enterprises, and other entities delivering a wide range of products, services, and programs. And as citizens and taxpayers we expect quality, convenience, and cost-effectiveness from all of these. But the promise of technology and connectivity to deliver these benefits is being undermined by the cybersecurity perils that plague our entire economy and undermine our confidence.
In this track, we will focus on the cyber challenges faced by State, Local, Tribal, and Territorial governments and the ecosystem that operates around them. We’ll stand back and examine the cyber state-of-play for SLTTs as a whole, and also drill down to specific examples. We’ll look at what this community has in common both internally as well as with the economy at large. What are the challenges that all of us face, like budgets, policy, building a cyber workforce? How can we leverage and synchronize with Federal activities? We’ll also examine the role of the Multi-State Information Sharing and Analysis Center as both an information and a services hub for this entire community. And more importantly, what resources can we share, and what lessons can we learn from each other?
Target Audience: municipality, city, county, state, tribal CISOs, Chief Security Officers, CROs, CIO, CTOs, County Commissioners, those involved with exposure to cyber risk. GRC Governance, Risk and Compliance officers and those involved with Data Privacy. Possibly Chief Financial Officers that have to manage to risk.
Rohit Tandon, CISO, Minnesota and Carlos Kizzee, MS-ISAC Stakeholder Engagement will introduce the Public Sector Summit; outlining key challenges, requirements, capabilities, and solutions being implemented to address and mitigate the cyber security concerns for this unique sector.
Public Sector Cybersecurity: The State of the States, Local Governments, Tribes, and Territories
Eugene Kipniss, MS-ISAC Federal Engagement and SLTT Assessments will keynote the Public Sector Summit with critical observations from this year’s Nationwide Cybersecurity Review (NCSR); an anonymous cybersecurity maturity self-assessment completed by thousands of SLTT governments and presented to Congress bi-annually. His presentation will include a brief on the threats and trends currently observed by the MS-ISAC and impacting SLTT governments; providing a summary threat landscape of the community. He will explore what the NCSR data can tell us about our risk reduction priorities in light of increasing threats to SLTT, and help the audience consider how we can best leverage the NCSR to communicate those priorities to our law makers.
The value of your data
Government has a higher level or responsibility to protect data, as they force people to provide the data.
Critical Success Factors in Cybersecurity
Irrespective of whether the organization is public or private sector, any information security management program relies on several requirements and expectations at the organizational level to be successful. The degree of success is dependent upon the extent that these success factors are supported by the organization. This presentation will discuss the nature of these success factors.
Sharing Resources across the Silos
How someone working at a city and county level can better collaborate across the State and Nation.
State/Local Grants, Critical Infrastructure Funding for Services
Integrating cyber practices for both givers and receivers of funding. Funding is generally associated with services for residents of your community. Technology plays a critical role in delivering critical services and protecting that technology from cyber threats also requires investment. What are some of the approaches to seek out investment opportunities that defend the technology and protect recipients data around social services.
Importance of Removing Politics from Cyber
Cyber Zeros and Ones should not be red or blue. Explaining to your legislatures how technology has a corner stone impact to all citizens. Consumers have a choice to interact with private sector and provide personal data, however in the public sector the data collected is not optional for residents. This should place a higher burden on public sector to protect the sensitive data. There are also public disclosure expectations. (In the event of a data breach – how does the state rebuild confidence). Purpose – describe the why, and suggest how
Topic tables? Host a round table based on a topic from the public sector track committee members
Smart Cities need Smart Cyber
Protecting citizens, service programs, infrastructure. How can we prapare for the smart cities that both public and private entities are responsbile for defending. What are some strategies to ensure there is a good foundation to build on to protect privacy and defend they way of life
Building a “Cyber Prime” Workforce on a Hamburger Budget
Hiring restrictions, tight budgets, cut-throat hi-tech competition?
How can public sector organizations find, attract, develop and retain cyber talent?
Lessons Learned, Best Practices.
Diversity of thought and experience when recruiting
Methods to retain talent (Training opportunities, e.g. discounted SANS)”
Public Sector Cyber Insurance
Cyber Insurance for public sector is different from private. Models on how to self-insure, municipal risk pools. Vermont and Nevada are doing self insurance.
Avoid a Cyber Splash
In this session we will learn about real life examples of attacks to our utilities and SCADA systems. We hope to offer real steps on what the future holds for this important sector and what our public officials are doing to meet this real and rapidly evolving threat to our citizens.
Cyber Governance Model
State government leaders must manage risk within a context where authority is distributed across sectors and levels and branches of government. Regardless of the structures and local culture that a governor and state legislature must operate within, they must establish cybersecurity governance that provides the mix of control and influence necessary and appropriate for their state, and that includes mechanisms for mitigating and responding to risk.
IT Operations or Cybersecurity? Pick any two!
The cloud adoption efforts will shift the balance of IT operations and cybersecurity for public sector entities that must select both. The benefits from the higher utilization of cloud services and what cyber risks should you start to navigate to ensure the value is in both.
Transforming Education and Cyber Operations
As a national leader in energy and agriculture with a significant military footprint, North Dakota’s cybersecurity strategy involves a whole-of-government approach – including training the next generation of cybersecurity professionals. The state’s “PK-20W” Initiative aims to educate every student in every class with computer science and cybersecurity skills that are foundational in the digital age and valuable in every industry.