Today's modern network has placed identity management in the forefront to manage a plethora of landscapes – on and off prem, public and private, hybrid, and the new kid on the block, alt-clouds. This week on Feds At The Edge, we explore how the Defense Information Systems Agency (DISA) is leading the charge in modern identity management, once a backwater concept, to center stage, with its ambitious program, Thunderdome. Chris Pymm, Portfolio Manager, Zero Trust & Division Chief for ID7 at DISA, shares how Thunderdome spans 50 sites and 12,000 users, automating identity controls to outpace threats like lateral movement. We also hear from Quest Software Public Sector cybersecurity expert Chris Roberts, who breaks identity management down to its core: know the user, know the device, know the behavior. Tune in on your favorite podcasting platform today to hear how DISA is redefining identity for today's distributed networks—and what your agency can take from their playbook.
The United States Department of Defense is working to bolster its cybersecurity measures by incorporating artificial intelligence (AI), according to the Defense Information Systems Agency (DISA). DISA is collaborating with industry partners and organizations like DARPA to integrate AI into their defensive strategies. They aim to meet the evolving needs of the department and leverage AI capabilities to enhance their defensive posture. DISA acknowledges the potential of AI in detecting anomalous behavior and improving efficiency in cybersecurity. The agency also emphasizes the importance of security around AI models and data integrity. The integration of AI will equip the Department of Defense with better tools to combat emerging cyber threats.
As technology rapidly evolves, we as a nation need to anticipate the attacks that may come about as a result of that innovation. Travis Rosiek, the Public Sector CTO at Rubrik and former Leader at the Defense Information Systems Agency (DISA), joins Tech Transforms to talk about how the government's approach to technology and relationship with industry has evolved over the last twenty years. He also discusses compliance, including FedRAMP compliance, managing the vast amount of data that is generated daily across the government and industry, and the importance of the U.S. Government building cyber resilient systems. Catch all this and more on this episode of Tech Transforms.
Key Topics
00:00 Government fielded and tested tech capabilities, explained compliance.
05:23 Enhanced security collaboration, compliance, and risk minimization.
09:14 Experience in government and commercial capabilities. Innovation.
10:12 Commercial companies prioritize profitability over long-term planning.
14:38 Challenges in public sector recruiting and retention.
18:49 Outsourcing SaaS applications frees up resources. AI evolving, human input remains essential.
22:33 Assessing incident response: Operational evaluation, not just compliance.
25:57 Vendors and program office face process challenges.
29:46 Secure cloud data access: visibility, risks, controls.
32:27 Emphasizing need for security in IT systems.
36:44 CISOs face challenges in evolving tech landscape.
38:11 Support CISOs, recruit and retain talent, accountability.
Evolving Cybersecurity Practices: A Shift to 'Cloud Smart' Strategies
Travis's Perspective on Cloud Misconceptions
Travis discusses the early days of cloud adoption, which were often fueled by misconceptions about its benefits. The migration toward cloud computing was commonly believed to be a cost-effective solution that would reduce expenses and simultaneously enhance security. However, he points out that this was not always the case. Many organizations have since realized that the initial cost of moving to the cloud can vary greatly based on specific use cases and applications. This realization has led to a strategic shift toward what Travis refers to as a "cloud smart" approach, highlighting the need for a more discerning and tailored evaluation of how cloud resources are utilized.
The Role of Commercial Companies vs. Government in Problem-Solving: "Industry is great about solving problems. You know, driving that capitalism type of culture, building capabilities, selling solutions. And they're quicker to implement, adapt and deploy capabilities where the government is very slow in implementation of these you know, they can figure out the problem." — Travis Rosiek
The 'Cloud Smart' Strategic Approach
Taking a "cloud smart" approach indicates a maturation in the perception of cloud services by government agencies and businesses alike. Rather than a blanket strategy of cloud-first, Travis indicates that there is now a more nuanced consideration of when and how to use cloud services. He underscores the importance of aligning cloud adoption with an organization's unique needs, including the potential scalability, security and cost implications. This approach suggests a collaborative and informed decision-making process, recognizing that the cloud offers a variety of solutions, each with different features, advantages and trade-offs that must be carefully weighed against organizational goals and objectives.
Navigating Cybersecurity Practices in Cloud Migration
The Balance of Technical and Non-Technical Implications in Cloud Migration
Travis discusses the intricacies involved in organizational cloud migrations, emphasizing that these undertakings are not solely about technological transitions but...
A new capability from the Defense Information Systems Agency (DISA) aims to give warfighters what it calls situational awareness of the electromagnetic spectrum. The spectrum itself has become a battle-space, so it is important to know what's going on there. For more on the baby-steps version of this tool, Federal Drive Host Tom Temin spoke with the Deputy Director of the Program Executive Office Spectrum, Kevin Laughlin.
Planning, Resilience, and Honesty.
In this episode of The Outspoken Podcast, host Shana Cosgrove talks to Garrett Yee, Vice President and General Manager at General Dynamics Information Technology (GDIT). Garrett talks about his transition to the private sector after 35 years with the U.S. Army, serving in the Middle East and ultimately as Deputy Director of the Defense Information Systems Agency (DISA). He recalls learning perseverance after a difficult early-life experience—getting kicked out of Navy ROTC in his freshman year for poor grades—and then starting over with the Army. He talks about learning how important it is for leaders to keep smiling and about his efforts to stay honest and open. Garrett tells Shana his early vision for his life was that he'd grow up to be a teacher and a park ranger and says he's now back in nature following his passion for photographing birds.
QUOTES
“When things are important to us, we find the time to do it. So why wouldn't we find the time to plan for the next phase? . . . People in the military in particular are known for planning.” - Garrett Yee [05:21]
“We try so hard to do everything and be everything and be perfect and we just fall short. That's just the way it is. We just can't do it all.” - Garrett Yee [15:49]
“You choose to do what you do, and therefore you accept that challenges are part of the deal. But that's not going to stop you from enjoying what you're doing.” - Garrett Yee [29:13]
TIMESTAMPS
[00:04] Intro
[01:34] Meet Garrett Yee
[02:59] On Transition Planning
[07:28] Life Happens: From Navy ROTC to the Army
[11:38] Tough Times Lead to Resilience
[13:05] Marrying Young, Starting a Family, and Feeling Behind
[18:25] Starting in Signal, Ending at DISA
[21:50] DISA's Core Mission: Transport, Connectivity, Cybersecurity
[25:52] Training the Next Generation at GDIT
[29:10] Smiling in the Photos
[33:19] Staying Honest and Accessible
[35:15] Losing a Family Member, Talking about Mental Health
[40:23] Career High Point: Deployed to the Middle East in 2014
[42:17] What's Your Leave-Behind? Treating Every Job as Your Last
[46:20] Sharing Copies of the Constitution
[49:33] When Your Family Is Happy
[51:57] Great Leaders Know What's Good for the Organization
[55:26] Outro
RELEVANT LINKS
Garrett Yee on LinkedIn
@garrettyee66 on Instagram
Nyla Technology Solutions
I'd love to hear from you -- your feedback is important to me and I read all of it. If you enjoyed the podcast, I hope you'll give us 5 stars. I'll be sure to thank you via email. If not, let me know what you think we should do differently. Don't forget to hit “subscribe” so you'll receive notifications about guest interviews and other topics that drop every Tuesday.
Live well, Shana
The Defense Information Systems Agency (DISA) awarded a $7 million zero trust prototype, called Thunderdome, to Booz Allen Hamilton last year and recently completed the pilot. Cybersecurity & Analytics Director Brian Hermann discusses next steps for zero trust implementation across the Defense Department.
Since January, the Defense Information Systems Agency (DISA) has been running a highly classified version of a very popular consumer platform. DISA completed functional testing of what it calls DOD-365-Sec, a secure version of Microsoft Office 365, a cloud-hosted suite of common products. With a progress report on user testing, Federal Drive host Tom Temin spoke with the program manager for DISA's Defense Enterprise Office Solution, Carissa Landymore.
Join our resident Business Ninja Kelsey together with Charles Wert of BNL Inc., an agile, transparent, and responsive SBA-certified Woman-Owned Small Business providing critical support services for the Federal government. BNL Inc., together with their partners, explores, innovates, and solves problems for their customers, delivering solutions that produce results. They lead with their uncompromising values to enrich their workforce, community, and Nation, accepting social responsibility through service to others. BNL Inc. customers and partners count on them because they are responsive, unwavering, and accountable to deliver transformative solutions for a brighter future. BNL Inc. has helped them build a 20-year history of collaborating with customers on projects. They have enriched the workforce and enhanced their community and Nation through their critical support of U.S. Department of Treasury, Department of Defense (DoD), Department of Veterans Affairs (VA), U.S. Department of Housing and Urban Development (HUD), U.S. Department of Education and Defense Information Systems Agency (DISA), U.S. Patent and Trademark Office, among others. Their customers and partners count on them as unwavering trusted advisors accountable for meeting and exceeding distinct and evolving requirements. Learn more about them and visit their website https://www.bnlinc.com/
Enterprise Knowledge CEO Zach Wahl speaks with Bill Balko, former Chief Knowledge Officer at Defense Information Systems Agency (DISA). DISA, a Department of Defense combat support agency, provides information technology and communications support to any individual or system contributing to the defense of the United States. Bill, who has been at DISA since 2007, discusses the importance of fostering knowledge management within the government and between government organizations, and speaks about embedding knowledge capture into the work people do every day in order to achieve the "Holy Grail of knowledge management, data management, organizational management, and workforce development: all of that working in concert."
Defense Information Systems Agency (DISA) cloud leader Sharon Woods kicks off the new year with an in-depth conversation about the role Joint Warfighting Cloud Capability (JWCC) will play in various concurrent cloud modernization efforts across DOD. She also dives into her journey from law school to defense IT, and offers advice for young women pursuing tech and national security careers.
What is the mission of the Defense Information Systems Agency DISA's Hosting and Compute Center? How is the HaCC transforming the way DISA does business? What does the future hold for DISA's Hosting and Compute Center? Join host Michael Keegan as he explores these questions and more with Sharon Woods, Director, Hosting and Compute Center at the Defense Information Systems Agency (DISA).
Hybrid cloud creates new efficiencies but can also cause new cybersecurity risks. The Defense Information Systems Agency (DISA), which helps lead cloud modernization for the Defense Department, needs strong partnerships with cloud vendors to maintain a strong security posture. Strategies such as "environment as code," DevSecOps and zero trust can help improve user experience while limiting vulnerabilities and strengthening overall cybersecurity. This episode is sponsored by ThunderCat and Dell Technologies.
What are the strategic priorities of the Defense Information Systems Agency (DISA)? How is it strengthening the security and resilience of networks and systems? What is it doing to prioritize command and control and leverage data as a Strategic Asset? Michael Keegan explores these questions and more with Lt. General Robert Skinner, Director of the Defense Information Systems Agency (DISA).
In this episode, Erin talks with US Army Master Sergeant (Retired), Darrell Williams. I could list Darrell's complete bio and CV, and I'm sure you would be impressed (I will provide a few key highlights below), but what is truly special about Darrell is that he is so much more than his professional accomplishments. He is a mentor in every sense of the word, he is passionate about helping others, and he is a natural leader with integrity who inspires others to do their best. Darrell and I talked about a topic that both of us are passionate about - the military transition process. Darrell gave actionable, real world advice on helping service members leave the military and enter the civilian world. If you are getting ready to retire or separate, this is an episode you won't want to miss!
Darrell is the Chief, Military Human Resources for Operations at the Defense Information Systems Agency (DISA). He serves as the human resources senior advisor on all military matters. Previously, he was also assigned to the White House Communications Agency (WHCA), where he served as a Human Resources Manager, Operations Lead, and Vice Presidential Communications Officer for over 500 Presidential and Vice Presidential missions. Darrell, a Master Certified Life Coach and Inspirational Speaker, started Alliance Seminars Coaching as a veteran-owned, faith-based organization that provides keynote speaking, certified workshops, and life coaching services to clients. Darrell provides excellent advice and mentoring for veterans seeking to work with the government and how to find and pursue your purpose.
Career highlights include leading several short notice Presidential missions that included examining the effects of Hurricane Andrew in Florida and Tornado Damage in Arkansas; selection as the Staff Support Unit Manager of the Year; selection as a WHCA All-Star; as well as the White House Communications Agency Senior Manager of the Year. Additionally, he was selected as a DISA Outstanding Mentor and Mission Support Services Team Lead of the Year. He received numerous professional awards to include the Presidential Service Badge. He is also a recipient of the Lacey B. Ivory Service Award; Roy Wilkins Renown Service Award; the National Louis University Reach Award; and the Strayer University Outstanding Alumni Award for his dedicated leadership in the DoD and community. He was also inducted into the White House Communications Agency Hall of Fame.
To connect with Darrell:
https://speakerhub.com/speaker/darrell-williams
https://www.allianceseminars.org
https://www.facebook.com/allianceseminars
https://www.linkedin.com/in/darrellwilliams
To connect with Erin:
Life After the Uniform Facebook Group: https://www.facebook.com/groups/lifeaftertheuniform
Life After the Uniform Facebook Podcast Page: https://www.facebook.com/ErinSilverPodcast
Instagram: https://www.instagram.com/erinsilverpodcast/
Major General Garrett Yee, Deputy Director at the Defense Information Systems Agency (DISA) joins the show to discuss his career in the United States Army and tough lessons he has learned along his journey. We also talk about what pulled him into military service, his priorities for the agency as it evolves, and his thoughts on what the biggest challenge the industry is facing right now and into the future.
What is the data strategy for the Defense Information Systems Agency (DISA)? How is DISA leveraging data as a strategic asset? Join host Michael Keegan as he explores these questions and more with Caroline Kuharske, Acting Chief Data Officer, DISA. Listen to the podcast.
Gaining the trust of your audience is one of the greatest challenges of leading. Darrell Williams, former Communications Response and Officer for the White House, teaches us that our credentials, while meaningful and noteworthy, don't necessarily earn us respect from others–but getting to know people and showing them that we care for them will. In this episode, we learn how to maximize our gifts by being humble. Consider, what are the needs of my community, and how can I meet one of those needs? Start with small steps and become a model for others. Then, find a genuine connection with others, and offer your gifts to them without arrogance or expectation. Williams helps people find their gifts and share them with others. He is currently the Chief, Military Human Resources for Operations at Defense Information Systems Agency (DISA), as well as a keynote speaker and coach. Like this episode? Write us a review and subscribe for more.
Not only did she drop some serious knowledge about winning government contracts, we talked about how those same techniques can be used in the private sector too! This is a conversation you want to catch so hit play now! A little about Kizzy Parks: As a kid, she'd clean golf balls located in an alley behind her friend's house and resell them through a fence to golfers. She used the money to buy FUNYUNS® and Nutty Bars. She always knew she'd become an entrepreneur and earn an advanced degree in psychology. Her entrepreneurial spirit meshed well with her inquisitive nature as an adopted child who always wanted to meet, and then met, her birth family. Driven to be the successful business owner she always knew she would be, she went on to earn a Ph.D. and establish KPC over a decade ago. Today, she owns and operates multiple businesses and has over $50 million in government contract awards. Through her latest company, GovCon Winners, she helps service-based small business owners learn HOW to win profitable federal government contracts through the powerful CTC technique to grow their bottom line. Based: Miami Beach, FL. Kizzy has been awarded over $50M in Federal Government Contracts. KPC serves the United States Federal Government by providing Contract Staffing Services, Professional & IT Services, Professional & Management Development Training, and Curriculum Development. We've worked successfully to support the Army, Air Force, Navy, Defense Information Systems Agency (DISA), United States Department of Agriculture (USDA), The United States Office of Personnel Management (OPM), The Food and Drug Administration (FDA), and the National Guard, among other agencies. WINNERS BECAUSE OF OUR CLIENTS & THE KPC TEAM
Defense Department agencies and their mission partners that are looking to work on projects in a DOD-authorized cloud environment can do so almost immediately — and at significantly lower costs — by using a program called milCloud 2.0, says an executive leading the program. The milCloud 2.0 program, which is supported by the Defense Information Systems Agency (DISA) and GDIT, is designed specifically to help DOD agencies accelerate adoption of cloud services. The milCloud 2.0 platform is a fit-for-purpose commercial cloud program managed by GDIT that sits in a multi-tenant, “Impact Level 5” cloud environment within DISA facilities. The unique arrangement allows DOD project teams to bypass much of the red tape and added costs associated with projects conducted on government-sanctioned public clouds, according to Brian Whitenight, who directs partner accounts for milCloud 2.0 at GDIT. Guest: Brian Whitenight, Partner Account Director for milCloud 2.0, GDIT Host: Wyatt Kash, SVP, Content Strategy, Scoop News Group Look for more coverage of “IT Modernization in Government” on www.fedscoop.com/listen
Department of Defense (DOD) agencies and their partners want to capitalize on the speed, scale and analytic power of the cloud to tackle artificial intelligence and machine learning workloads. However, elevated security requirements, timing and budgets tend to limit which projects can actually move to the cloud — or whether they get done at all. The good news is that milCloud 2.0 — operated in partnership with the Defense Information Systems Agency (DISA) and GDIT — is helping defense agencies overcome those obstacles and even fast-track the use of AI and ML applications. Sponsored by GDIT and Intel Corp. Guest: Jeffrey Phelan, milCloud 2.0 Cloud Services Portfolio Lead, GDIT Look for more coverage of “IT Modernization in Government” on www.fedscoop.com/listen
Defense agencies looking for a faster way to acquire and utilize cloud services may be overlooking a unique cloud platform already at their fingertips. That platform — milCloud 2.0 — is a fit-for-purpose commercial cloud service designed to meet the unique mission critical requirements of the Defense Department and its mission partners – including the military services, Defense Information Systems Agency (DISA), the Pentagon and its 4th Estate Agencies. Sponsored by GDIT. Guest: Jeffrey Phelan, milCloud 2.0 and DOD cloud services portfolio lead, GDIT Look for more coverage of “IT Modernization in Government” on www.fedscoop.com/listen
Vice Admiral Nancy Norton is the director of the Defense Information Systems Agency (DISA) and the commander of the Joint Force Headquarters Department of Defense Information Network (JFHQ-DODIN). She joins us today to talk about her dual-hatted role in part one of our Women's Leadership episode.
In this #AskTHAT, I talk to Brian Contos, CISO of Verodin, and we dive into cybersecurity. No MOAR excuses, we have to take an active role in securing our applications. Brian has over two decades of experience in the security industry. He is a seasoned executive, board advisor, security company entrepreneur and author. After getting his start in security with the Defense Information Systems Agency (DISA) and later Bell Labs, Brian began the process of building security startups and taking multiple companies through successful IPOs and acquisitions including: Riptech, ArcSight, Imperva, McAfee and Solera Networks. Brian has worked in over 50 countries across six continents. He is a strategic board advisor for multiple companies including Cylance and Appdome. He has authored several security books, his latest with the former Deputy Director of the NSA, spoken at leading security events globally and is a Distinguished Fellow with the Ponemon Institute. Brian frequently appears in the news and has been featured in CNBC, C-SPAN, Fox, NPR, Forbes, Wall Street Journal, The London Times and many others. He most recently appeared in a cyberwar documentary alongside General Michael Hayden (former Director NSA and CIA).
Links from today’s show:
Blog: https://verodin.com/blog/
LinkedIn: https://www.linkedin.com/in/briancontos/
Twitter: @BrianContos
Brian’s company - Verodin is a Security Instrumentation Platform or SIP Company: https://verodin.com/
Open Source Threat Simulation Projects, these are more Breach and Attack Simulation (BAS) related than SIP, but they can be used to test some security controls: https://blogs.gartner.com/augusto-barros/2018/04/17/threat-simulation-open-source-projects/
Swimlane (https://swimlane.com/). Cody is responsible for the strategic direction of Swimlane and the development of its security operations management platform. Collaborating with industry leading technology vendors, he works to identify opportunities to streamline and automate security activities, saving customer operations costs and reducing risk. In 2011, Cody co-founded Phoenix Data Security Inc., a focused cyber security professional services organization. Prior to Phoenix Data Security, he began his career in the U.S. Coast Guard, spent 15 years in IT and security including roles with the U.S. Defense Information Systems Agency (DISA), the Department of Homeland Security (DHS), American Express, and IBM Global Business Services. Cody has presented at information security forums such as the Secret Service Electronic Crimes Task Force, the DHS Security Subcommittee on Privacy and National Public Radio (NPR), as well as to many industry associations such as (ISC)2, ISACA and ISSA. In this episode we discuss his start in information security, mentors he has had along the way, why he is building a business in Colorado, founding an information security company and the problems he is trying to solve, cyber security automation, and so much more.
Where you can find Cody:
LinkedIn (https://www.linkedin.com/in/codycornell/)
Twitter (https://twitter.com/codycornell)
Swimlane Blog (https://swimlane.com/blog/)
In this podcast, watch Larry Allen, CEO of Allen Federal Business Partners and Comstor’s principal Federal Consultant, review Business Opportunities with the Defense Information Systems Agency (DISA). Larry will cover what DISA is, DISA customers and leaders, priorities and IT budget, and DISA contract vehicles. For more information on this Federal podcast series contact the Comstor Federal Team at federalsales@comstor.com or 800.955.9590
Black Hat Briefings, USA 2007 [Video] Presentations from the security conference.
The Information Assurance Directorate (IAD) within the National Security Agency (NSA) is charged in part with providing security guidance to the national security community. Within the IAD, the Vulnerability Analysis and Operations (VAO) Group identifies and analyzes vulnerabilities found in the technology, information, and operations of the Department of Defense (DoD) and our other federal customers. This presentation will highlight some of the ways that the VAO Group is translating vulnerability knowledge in cooperation with many partners, into countermeasures and solutions that scale across the entire community. This includes the development and release of security guidance through the NSA public website (www.nsa.gov) and sponsorship of a number of community events like the Cyber Defense Initiative and the Red Blue Symposium. It also includes support for, or development of, open standards for vulnerability information (like CVE, the standard naming scheme for vulnerabilities); the creation of the extensible Configuration Checklist Description Format (XCCDF) to automate the implementation and measurement of security guidance; and joint sponsorship, with the National Institute of Standards and Technology (NIST) and the Defense Information Systems Agency (DISA), of the Information Security Automation Program (ISAP), to help security professionals automate security compliance and manage vulnerabilities. The presentation will also discuss the cultural shift we have been making to treat network security as a community problem, one that requires large -scale openness and cooperation with security stakeholders at all points in the security supply chainoperators, suppliers, buyers, authorities and practitioners. Tony Sager is the Chief of the Vulnerability Analysis and Operations (VAO) Group, part of the Information Assurance Directorate at the National Security Agency. 
The mission of the VAO organization is to identify, characterize, and put into operational context vulnerabilities found in the technology, information, and operations of the DoD and the national security community and to help the community identify countermeasures and solutions. This group is known for its work developing and releasing security configuration guides to provide customers with the best options for securing widely used products. The VAO Group also helps to shape the development of security standards for vulnerability naming and identification, such as the Open Vulnerability and Assessment Language (OVAL), partnering with National Institute of Standards and Technology (NIST) on the Information Security Automation Program (ISAP), developing the eXtensible configuration checklist description format (XCCDF), and for hosting the annual Cyber Defense Exercise and the Red Blue Symposium. Mr. Sager is active in the public network security community, as a member of the CVE (Common Vulnerabilities and Exposures) Senior Advisory Council and the Strategic Advisory Council for The Center for Internet Security. He is in his 29th year with the National Security Agency, all of which he has spent in the computer and network security field.
Black Hat Briefings, USA 2007 [Audio] Presentations from the security conference.
The Information Assurance Directorate (IAD) within the National Security Agency (NSA) is charged in part with providing security guidance to the national security community. Within the IAD, the Vulnerability Analysis and Operations (VAO) Group identifies and analyzes vulnerabilities found in the technology, information, and operations of the Department of Defense (DoD) and our other federal customers. This presentation will highlight some of the ways that the VAO Group is translating vulnerability knowledge, in cooperation with many partners, into countermeasures and solutions that scale across the entire community. This includes the development and release of security guidance through the NSA public website (www.nsa.gov) and sponsorship of a number of community events like the Cyber Defense Initiative and the Red Blue Symposium. It also includes support for, or development of, open standards for vulnerability information (like CVE, the standard naming scheme for vulnerabilities); the creation of the extensible Configuration Checklist Description Format (XCCDF) to automate the implementation and measurement of security guidance; and joint sponsorship, with the National Institute of Standards and Technology (NIST) and the Defense Information Systems Agency (DISA), of the Information Security Automation Program (ISAP), to help security professionals automate security compliance and manage vulnerabilities. The presentation will also discuss the cultural shift we have been making to treat network security as a community problem, one that requires large-scale openness and cooperation with security stakeholders at all points in the security supply chain: operators, suppliers, buyers, authorities and practitioners. Tony Sager is the Chief of the Vulnerability Analysis and Operations (VAO) Group, part of the Information Assurance Directorate at the National Security Agency.
The mission of the VAO organization is to identify, characterize, and put into operational context vulnerabilities found in the technology, information, and operations of the DoD and the national security community and to help the community identify countermeasures and solutions. This group is known for its work developing and releasing security configuration guides to provide customers with the best options for securing widely used products. The VAO Group also helps to shape the development of security standards for vulnerability naming and identification, such as the Open Vulnerability and Assessment Language (OVAL), partnering with National Institute of Standards and Technology (NIST) on the Information Security Automation Program (ISAP), developing the eXtensible configuration checklist description format (XCCDF), and for hosting the annual Cyber Defense Exercise and the Red Blue Symposium. Mr. Sager is active in the public network security community, as a member of the CVE (Common Vulnerabilities and Exposures) Senior Advisory Council and the Strategic Advisory Council for The Center for Internet Security. He is in his 29th year with the National Security Agency, all of which he has spent in the computer and network security field.