Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
The https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Beats

Media

Search PlanetOIT

Find what you are looking for on PlanetOIT

May 2023 CISO Forum Ask Me Anything Title Card

May 2023 CISO Forum Ask Me Anything

Published Monday, June 12, 2023

Wondering what the future holds for CMS regarding innovation, AI, Google's new domain, and more? Join Director of ISPG and Chief Information Security Officer Rob Wood and guest co-host Shawnte Singletary, Deputy Director of ISPG Division of Security and Privacy Compliance, in the May 2023 CISO Forum Ask Me Anything, answering questions about it. Watch the video to learn more or navigate through the questions by clicking the timestamps below to choose a query according to your interest.

TIMESTAMPS

00:02:45 Do you think that we (CMS) can ever define through policy what is considered an IT system that needs an Authority to Operate (ATO) and when an ATO is not needed? To expand on that, if data is allowed in a contractor environment, at what point would that data need to be managed by an ATO personally identifiable information (PII) volume? Is that practical or logical or is that even the goal? 

00:07:10 What would you consider the threat model for CMS to be? Referring to a threat model in a sense of what level of paranoia should an engineer, Information System Security Officer (ISSO), or Application Development Organization (ADO) approach securing their application? 

00:14:49 You’re each describing this balance between trust and fear. Do either of you have thoughts on the theory of balancing the trust of individuals and contractors in light of product lock and scope creep? 

00:28:41 Is there an end year plan to make BatCave a requirement? 

00:32:10 For somebody who's working in a technical role doing their due diligence, and they're going through their career planning exercises, what advice would you give to somebody wanting to basically move themselves up? Is management the only route and you move up in a leadership capacity without being a manager? How would you advise somebody in this capacity? 

00:40:50 What are CMS’s plans to combat the role of artificial intelligence (AI) in social engineering? 

00:41:06 Does CMS Cybersecurity Integration Center (CCIC) use AI tools to combat or defeat AI-based social engineering attacks?

00:48:34 Do you feel the new resurgence of TLD.Zip or TLD.Mov from Google will have an impact on CMS?

00:50:36 Thank you and wrap-up.

Recent Stories

Recent Media

Related OIT Videos