Skip to main content
Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
The https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Summary

Placeholder

 Articles

2021 CISO Forum "Ask Me Anything" Video

"Ask Me Anything - Part Deux" Questions 

FedRamp sponsorship, shouldn't it be a clearing house and a competitive marketplace ensuring cutting edge technology is obtainable in the public sector for application, especially in cybersecurity? (00:00:59)

 

How have Cyber services changed? How do you engage periodic experts? What are your thoughts on Zero Trust? (0:04:41)

 

How can an organization’s culture impact the ability for a CISO to meet his/her security program obligations? (0:15:04)

 

How do you assess security in the cloud (e.g., data encryption, Identity Access Management, etc.) to ensure PII/PHI is protected? (0:20:08)

 

What are your thoughts on using AI in Compliance? (0:24:40)

 

What do you define as SecOps? (0:28:44)

 

What is CMS's thinking about changes that might better enable onboarding/ badging/system access for contractors during the pandemic? Thoughts on moving away from PIV and toward tokens/MFA? (0:34:05)

 

Will CMS be providing additional guidance on the Cyber Executive Order issued in May? (0:37:44)

 

Hi Rob and Frank, how is the advent of rapid digitization of devices (IoT) affecting your security footprint? (0:42:41)

 

What security measures will be applied as campuses move to SMART? (0:44:30)

 

As a Contractor Support - ISSO, what can I do to prepare for 800-53R5 and hopefully CMS' adaptation of NIST OSCAL? (0:47:19)

 

Is Batcave in an architecture phase or is there something in the lab? (0:50:50)

 

How are you securing CMS cloud workloads, to include VM, containers and serverless? (0:53:25)

 

How is CMS supporting or planning to support and encourage the health sector, i.e., medical facilities, to better secure their networks, as they serve as one of the nation's critical infrastructure sectors? (0:56:40)

 

How do you propose bridging the gap between appsec and forensic? (0:59:48)

 

Enterprise defenders depend upon automated and manual log reviews to detect malware. How important is log reviews at CMS to detect cyber attacks? (1:03:20)

 

Usually the behavior of the organization mimic the culture that the leadership demonstrates and fosters...IMHO. (1:06:48)

 

How can vendors sign up for Demo Fridays? (1:07:27)

 

Is OIT leading to more of an Agile Management approach? (1:09:36)

 

Who is best to coordinate with at CMS to plan and participate in the Friday vendor day to provide meaningful information to CMS? (1:20:00)

 

 

Recent Articles

Recent Media

 Related Articles