DoD: Embracing Continuous Monitoring

Federal cyber leaders are tasked with the challenge of balancing active defense efforts, particularly when the U.S. is involved in international conflict, with building an infrastructure secure from the individual device all the way to enterprise environment. To do all of that, defending their networks and building for the future, DoD leaders must prioritize continuous monitoring of their cyber systems to address hidden vulnerabilities to address and ensure comprehensive coverage – all without burying their stretch workforce in hours of manual work. To that end, the Department leverages the NIST Risk Management Framework (RMF) to integrate security, privacy, and cyber supply chain risk management activities into the system development life cycle. In March, it also released its DevSecOps cATO Implementation Guide mandating continuous monitoring for threats and assessment of risk, using security automation and security posture dashboards that assist in managing cybersecurity risks in near real-time. But where should leaders start when building that secure infrastructure? And just how does the DoD automate the continual monitoring of its environments? Join this session with government and industry thought leaders as they share insights into the cyber challenges facing the DoD and how automated continuous monitoring plays a role in addressing current and future threats.