• GCN
  • WT
  • DS

Event Whitepaper:

Download this ebook to learn what you missed at FCW's Face-to-Face Cloud event held on January 30, 2018.

Without a doubt, cloud computing will play a central role in agency efforts to modernize their IT infrastructure. But there’s a catch.

As much as agency IT leaders know they need to make the cloud a core component of their IT infrastructure, they also know that they need to address long-standing concerns about the security of the cloud.

The FedRAMP program, of course, is an important part of any agency’s cloud security strategy, and the program has evolved to address emerging requirements for higher-level security requirements—but it is only part of the story. Agencies are looking for technologies and strategies that provide a more holistic approach to cloud security and that integrate the cloud into an agency’s broader cyber strategy.

This event brought together experts from government and industry to discuss emerging best practices and solutions for securing the cloud.

Potential topics addressed include:

  • Automating security compliance
  • A risk-based approach to cloud security
  • Addressing the hybrid cloud environment
  • Trusted Internet Connections (TIC) in a cloud-based government
  • Network visibility and the cloud
  • Cloud application security

Featured Speakers:

  • Shashank Khandelwal
  • Acting Director of cloud.gov, General Services Administration
  • Click for Bio

    Shashank Khandelwal (Shuh-shaank Khun-dale-waal) is acting director of cloud.gov. He spends most of his time thinking about how to increase cloud adoption within the federal government.

    Earlier at 18F, he co-lead the digital transformation practice and worked on Every Kid in a Park, but not at the same time.

    He lives in Rockville, MD with his wife. He likes taking pictures of street art and murals.

  • Mark Bunn
  • Federal Network Resilience Division, Department of Homeland Security
  • Click for Bio

    Mark Bunn is the program manager for the Trusted Internet Connections (TIC) program at DHS. Mark has over 20 years of Information Security consulting experience for Fortune 100 companies in network and system security including: incident management, vulnerability assessment, threat modeling and risk management.

  • Michael Fairless
  • Branch Chief, U.S. Securities and Exchange Commission
  • Click for Bio

    Michael W. Fairless joined the Securities and Exchange Commission (SEC) in February 2013 serving as the Branch Chief for Servers and Storage. Prior to joining the SEC, he was a Program Manager and Assistant Vice President with Science Applications International Corporation (SAIC) from January 2001 until February 2013, Director of Operations with Petra Incorporated from January 1999 until January 2001. Prior to joining Petra, Mike served in the United States Navy as a Master Chief Intelligence Specialist from 1977 to 1999. Highlights of his military service include 6 Operational deployments to the Western Pacific, Indian Ocean, Mediterranean Sea, and the Arabian Gulf and service as a Master Chief Petty Officer of the Command, Intelligence Officer, Intelligence Systems Officer, and Leading Chief Petty Officer.

    Mike is an accomplished and tenacious professional who believes that a true leader empowers others, providing tools and support, while challenging individuals and teams to stretch beyond their comfort zones. Mike has demonstrated commitment to continuous improvement, concentrating on building strong teams, developing valuable tools, and sound processes with an emphasis on the identification of best practices. He has facilitated multiple organizational and leadership development events focused on optimizing the enterprise through enhancements to organizational design and developing high performing teams. He has led large and complex system development, system engineering, and logistics management and implementation efforts in support of customers at the United States Navy, Naval Air Systems Command. He has also managing large IT Infrastructure and Service Operations in support of the United States Central Command (Command, Control, Communications, Computers, and Information Enterprise Systems), U.S. State Department, and the Securities and Exchange Commission.

    Mike’s academic achievements include a Masters of Business Administration (MBA), Bachelors in Management of Technical Operations, and an Associate’s Degree in Technical Education. Mike’s is a Certified Enterprise Architect (CEA), Project Management Professional (PMP), and a Lean Six Sigma Green Belt. He holds additional certifications in ITIL Service Operations and has spent many years studying and implementing Agile and Lean best practices in a variety of non-traditional environments.

  • Dr. Michaela Iorga
  • Senior Security Technical Lead, Cloud Computing, National Institute of Standards and Technology (NIST)
  • Click for Bio

    Dr. Michaela Iorga serves as senior security technical lead for cloud computing with the National Institute of Standards and Technology (NIST), Computer Security division. She also chairs the NIST Cloud Computing Public Security Working Group and co-chairs the NIST Cloud Computing Public Forensic Science Working Group. Having previously served in a wide range of consulting positions in both government and private sector industries before joining NIST, Dr. Iorga, a recognized expert in information security, risk assessment and information assurance for cloud, fog and IoT-based systems, has a deep understanding of cybersecurity, identity and credential management, and cyberspace privacy issues, as well as an extensive knowledge base in the development of complex security architectures. In her role as senior security technical lead at NIST and chair of the NIST Public Security and Forensics Working Groups, Dr. Iorga supports the development and dissemination of cybersecurity standards and guidelines that meet national priorities and promote American innovation and industrial competitiveness. Dr. Iorga is particularly focused on working with industrial, academic, and other government stakeholders to develop a high-level, vendor-neutral cloud and fog computing security and forensics guidance under the NIST Strategy for Developing a US Government Cloud Computing Technology Roadmap. A proven leader and expert in problem-solving and analysis, Dr. Iorga is also managing several other NIST efforts that include the development of the Open Security Controls Assessment Language, Cognitive-based IoT fingerprinting, Risk Management for Cloud-based Systems and Fog Computing definition. Past projects focused on development of Security Requirements for Cryptographic Modules (Federal Information Processing Standard 140), implementation of a NIST public, secure randomness source; development of security testing requirements for electrical smart meters; ad-hoc network security and smartcards for personal identity verification (PIV). Dr. Iorga received her Ph.D. from Duke University in North Carolina, USA.

  • Josh Stella
  • CEO, Fugue, Inc.
  • Click for Bio

    Josh Stella is Co-founder and CEO of Fugue, which radically simplifies cloud operations and centralizes cloud control by automating and enforcing infrastructure at scale. Previously, Josh was a Principal Solutions Architect at Amazon Web Services. He has served as CTO for a prior startup and in numerous other technical and leadership roles over the last 25 years. With the Fugue team, Josh authored Scalable Cloud Ops with Fugue_ published by The Pragmatic Bookshelf and the O’Reilly guide: Immutable Infrastructure: Considerations for the Cloud and Distributed Systems, as well as numerous articles.

  • Ted Girard
  • Vice President, Public Sector, Okta
  • Click for Bio

    Ted Girard is the Vice President of Public Sector at Okta. He defines and drives Okta’s vision and strategy in the Federal, State & Local and Education markets. Ted and his extended team empower Public Sector organizations to recognize the benefits of digital transformation by connecting any employee, vendor, partner, or citizen to anything from anywhere, securely.

    Ted has 20+ years experience building and leading highly successful Public Sector focused organizations with leading technology companies such as BladeLogic, BMC, Brocade and Xerox.

    Ted holds a BA in Economics from Hobart College and an MBA from Johns Hopkins University.

  • Mark Butler
  • Chief Information Security Officer, Qualys, Inc.
  • Click for Bio

    As Chief Information Security Officer for Qualys, Mark focuses on driving with industry luminaries and Qualys customers how to improve the security of the current computing environment and build security into digital transformation initiatives.

    Previously CISO of Fiserv, and with over 24 years of experience leading enterprise security teams, Mark has built and developed effective information security programs for executive management, IT leadership and legal counsel, plus provided visibility into business threats and how to defend against them.

    Prior to Fiserv, Butler held roles in global security consulting, independent technical research and comprehensive assessment services as well as several foundational security roles at H&R Block. Butler attended Baylor University and received a Bachelor of Science in Business Administration/Business Management from Avila University. He holds active Certified Information Systems Security Professional (CISSP), PCI Internal Security Assessor (PCI-ISA) and Certified Information Privacy Professional/Information Technology (CIPP-IT) certifications.

    7:00 - 8:00AM
    Registration, Continental Breakfast & Networking    
    8:00 - 8:05AM
    Welcome and Opening Remarks
    Troy Schneider
    Editor-in-Chief, FCW & GCN
    8:05- 8:35AM
    Opening Keynote | Cloud-native Best Practices in Security Compliance
    Shashank Khandelwal
    Acting Director of cloud.gov, General Services Administration
    8:35 - 9:05AM
    Case Study I | Understanding Open Security Controls Assessment Language (OSCAL)
    Michaela Iorga
    Senior Security Technical Lead, Cloud Computing,
    National Institute of Standards and Technology
    9:05 - 9:20AM
    Technology Insights I | Moving Fast in the Cloud with Infrastructure Governance Automation
    Josh Stella
    CEO, Fugue, Inc.
    9:20 - 9:50AM
    Case Study II | Moving to the Hybrid Cloud
    Michael Fairless
    Branch Chief, U.S. Securities and Exchange Commission
    9:50 - 10:05AM
    Technology Insights II | Identity: The New Perimeter
    Ted Girard
    Vice President, Public Sector, Okta
    10:05 - 10:25AM
    Networking Break
    10:25 - 10:55AM
    Case Study III | Government Cloud Modernization: Enhanced Visibility in the Cloud
    Mark Bunn
    Federal Network Resilience Division, Department of Homeland Security
    10:55 - 11:10AM
    Technology Insights III | Securing the Cloud at Scale: A Unified and Strategic Approach for Government Agencies
    Mark Butler
    Chief Information Security Officer, Qualys, Inc.
    11:10 - 11:40AM
    To conclude the event, we invite attendees to share their own experiences with our speakers in this open session to discuss practical fixes to the challenges of cloud acquisition and management.
    11:40AM - 11:45AM
    Closing Remarks
    Troy Schneider
    Editor-in-Chief, FCW & GCN

    Presented By

    Sponsored By


    To Sponsor:

      Stacy Money
      1105 Public Sector Media Group
      Phone: 415-444-6933
      Stacy Money