Welcome to Episode 44 of Emagine The Future! On this episode, we are joined by Bill Pratt. Prior to joining Reli Group in January 2024, he spent 22 years supporting the Public Sector through various roles in the Department of Homeland Security.

Key Discussion Points:

• Public Sector IT Modernization
• Public Sector Procurement & Navigating Industry Challenges
• Drag Racing

Connect with Bill: https://www.linkedin.com/in/bill-pratt-2431335/

Subscribe on YouTube: https://www.youtube.com/@EITisCyber

Connect on LinkedIn:
https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 43 of Emagine The Future, our 4th of our "This Month in Cyber" series - April 2024 edition.

March Catchup (Things we missed):

• NIST Unveils New Consortium to Operate its National Vulnerability Database
  https://www.infosecurity-magazine.com/news/nist-unveils-new-nvd-consortium/
• A New Roadmap for FedRAMP
  https://www.fedramp.gov/2024-03-28-a-new-roadmap-for-fedramp/
• Review of the Summer 2023 Microsoft Exchange Online Intrusion
  https://www.cisa.gov/sites/default/files/2024-04/CSRB_Review_of_the_Summer_2023_MEO_Intrusion_Final_508c.pdf.

Incidents & Breaches:

• Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services
  https://thehackernews.com/2024/04/cisco-warns-of-global-surge-in-brute.html?&web_view=true.
• GPT-4 Can Exploit Most Vulns Just by Reading Threat Advisories https://www.darkreading.com/threat-intelligence/gpt-4-can-exploit-most-vulns-just-by-reading-threat-advisories

Regulatory & Government:

• New CISA Cybersecurity Incident Reporting Requirements Proposed for Critical Infrastructure Companies https://www.nextgov.com/cybersecurity/2024/03/cisas-proposed-framework-cyber-incident-reporting-rules-includes-subpoena-power/395275/?oref=ngfcw_alert_nl&utm_source=Sailthru&utm_medium=email&utm_campaign=Nextgov/FCW%20Alert%20-%20March%2027%2C%202024&utm_term=newsletter_ng_alert
  • Formal Update: https://www.federalregister.gov/documents/2024/04/04/2024-06526/cyber-incident-reporting-for-critical-infrastructure-act-circia-reporting-requirements
• NIST issues digital identity update allowing agencies to use synced passkeys , https://federalnewsnetwork.com/technology-main/2024/04/nist-issues-digital-identity-update-allowing-agencies-to-use-synced-passkeys/

Events That Occurred & Events < 60 Days Away:

• RSA Conference (May 6-9) - San Francisco
• 45th IEEE Symposium on Security and Privacy (May 20-22, 2024 Security and Privacy Workshops will be held on May 23, 202 San Francisco
• Gartner Security & Risk Management Summit (National Harbor, MD June 3-5)
• GRC Summit 2024 Baltimore, June 17 & 18

Subscribe on YouTube: https://www.youtube.com/@EITisCyber

Connect on LinkedIn:
https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 42 of Emagine The Future! On this episode, we are excited to share with you the live recording from the Aquia + AWS 2024 Cloud Compliance Summit held on March 19th, 2024.

Emagine IT was both a sponsor of the happy hour but also a speaking partner. On this episode, you'll be able to tune into the recorded keynote our very own Adam Chun and Erik Dominguez hosted with a group.

Key Discussion Points:

• FedRAMP Post-Authorization & What it Means For Your Organization
• Current & Future State of Continuous Monitoring Requirements
• FedRAMP PMO Drives Rev5 Transition

Connect with Erik: https://www.linkedin.com/in/erik-dominguez-2589b228/
Connect with Adam: https://www.linkedin.com/in/adammchun/
Full-Length Video Panel: https://www.youtube.com/watch?v=2ihggDdhmYQ&t=355s

Subscribe on YouTube: https://www.youtube.com/@EITisCyber

Connect on LinkedIn:
https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 41 of Emagine The Future! On this episode, we are joined by Ajay Chandhok. Ajay is the CEO & Founder of Stratus Cyber. Leveraging more than two decades of experience spanning the Intelligence Community, defense sector, federal civilian agencies, and the commercial space, Ajay brings a unique and well-defined perspective.

Key Discussion Points:

• Future of ConMon
• Modernizing Measuring Security Performance
• Why Our Adversary is Always 2-Steps Ahead
• Over-reliance on Tools Hinder Enterprise Resilience

Connect with Ajay: https://www.linkedin.com/in/ajay-chandhok/
Check out Stratus Cyber: https://stratuscyber.com/about-us/

Subscribe on YouTube: https://www.youtube.com/@EITisCyber

Connect on LinkedIn:
https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 40 of Emagine The Future our 2nd of our "This Month in Cyber" series - March 2024 edition.

February Catchup (Things we missed):

• NIST 2.0 Cybersecurity Framework: https://www.nist.gov/news-events/news/2024/02/nist-releases-version-20-landmark-cybersecurity-framework
• US Press release on Future Software should be Memory-Safe: https://www.whitehouse.gov/oncd/briefing-room/2024/02/26/press-release-technical-report/
• Annual Threat Assessment of the US Intelligence Community Released 2/5/2024: https://www.documentcloud.org/documents/24475399-unclassified-threat-assessment-us-government-2024
• Microsoft and OpenAI publish a report on Nation-State Hackers using AI for cyber-attacks: https://thehackernews.com/2024/02/microsoft-openai-warn-of-nation-state.html

Incidents & Breaches:

• Credential-stealing emails and Conversation Overflow: https://www.darkreading.com/cloud-security/conversation-overflow-cyberattacks-bypass-ai-security
• NIST National Vulnerability Database Disruption Sees CVE Enrichment on Hold: https://www.infosecurity-magazine.com/news/nist-vulnerability-database/

Regulatory & Government:

• In continuation of last month, FBI and CISA release details on the tactics and techniques threat actors are using to deploy the Phobos ransomware strain on target networks: https://www.darkreading.com/cyberattacks-data-breaches/fbi-cisa-release-iocs-for-phobos-ransomware
• NSA's Zero Trust Guidance: https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3695223/nsa-releases-maturity-guidance-for-the-zero-trust-network-and-environment-pillar/
• Yearly US Intelligence Congress Testimony: https://techcrunch.com/2024/03/11/four-things-we-learned-when-us-spy-chiefs-testified-to-congress/
• DHS AI Roadmap Plans: https://fedscoop.com/dhs-ai-roadmap/?utm_content=286478443&utm_medium=social&utm_source=linkedin&hss_channel=lcp-1097874

Events That Occurred & Events < 60 Days Away:

• Philadelphia Cybersecurity Conference, Virtual and Philadelphia, Pennsylvania: April 4
• SANS New2Cyber Summit 2024–Central US, Virtual: April 4 – 15
• Cybersecurity Implications of AI Summit: North America West Summit, Seattle, Washington: April 16
• Google Cloud Next ’24, Las Vegas, Nevada: April 9 – 11

Subscribe on YouTube: https://www.youtube.com/@EITisCyber

Connect on LinkedIn:
https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 39 of Emagine The Future! On this episode, we are joined by Sebastian "Seb" Ewald. Seb is a Founding Partners for Unicorn Strategies, served in the Marine Corp for more than a decade, and have been entrenched in cybersecurity (and cyber warfare) for his entire career.

Key Discussion Points:

• The State of the Threat Landscape
• Stacking Data & Seeing the Full Picture of Risk
• Understanding our Adversary
• Cloud & Software Supply Chain
• Building Enterprise Resilience

Connect with Seb: https://www.linkedin.com/in/sebastian-ewald/
Check out Unicorn Strategies: https://www.unicornstrategies.com/
Check out NatSecGirlSquad: https://www.natsecgirlsquad.com/

Subscribe on YouTube: https://www.youtube.com/@EITisCyber

Connect on LinkedIn:
https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 38 of Emagine The Future our 2nd of our "This Month in Cyber" series - February 2024 edition.

January Catchup (Things we missed):

• CISA, FBI, and EPA Release Incident Response Guide for Water and Wastewaste Systems Sector
• Pwn2Own 2024: EVs take on electric vehicles, vehicle chargers, operating systems, and components
• Fulton County Suffers Power Outages as Cyber Attacks Continue

Incidents & Breaches:

• China Infiltrates US Critical Infrastructure in Ramp-up to Conflict
• Ongoing Azure Compromises Target Senior Execs Microsoft 365 Apps

Regulatory & Government:

• CISA Director Jen Easterly gave her opening statement before the House Select Committee on Strategic Competition Between the United States and the Chinese Communist Party.
• SEC Rules on Cybersecurity Incident Disclosure (July 2023 + Feb 2024 Comments)
• OWASP Releases LLM AI Security and Governance Checklist V1

Events:

• Zero Trust World 2024 (threatlocker.com) February 26 - 28, 2024 Caribe Royale, Orlando, FL
• SANS 2024 in Orlando, FL | Cyber Security Training Mar. 24-49, SANS 2024, Orlando, Fla.
• 2024 USA | RSA Conference May 6-9, RSA Conference USA 2024, San Francisco, Calif.
• Black Hat Spring Trainings 2024 Black Hat Spring Training Mar 12, 2024 – Mar 15, 2024

Connect with Erik: https://www.linkedin.com/in/erik-dominguez-2589b228/
Connect with Jeremy: https://www.linkedin.com/in/jeremyfrancese/

Subscribe on YouTube: https://www.youtube.com/@EITisCyber

Connect on LinkedIn:
https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 37 of Emagine The Future! On this episode, we are joined by Scott Corey, Former Chief Information Officer of the Administration For Community Living (ACL).

Key Discussion Points:

• The State of the Threat Landscape
• Moving from On-Prem to the Cloud (to position for future)
• Project and Program Level Governance
• Leveraging Artificial Intelligence to Enabled Decision Support

Connect with Scott: https://www.linkedin.com/in/jscottcory/

Subscribe on YouTube: https://www.youtube.com/@EITisCyber

Connect on LinkedIn:
https://www.linkedin.com/company/emagine-it-inc-/posts/