Government Technology Insider had the opportunity to talk with Dan Carayiannis about the upcoming RSA Public Sector Day. Carayiannis discussed key topics from the event as well as security concerns about government supply chain and more that is weighing heavily on the public sector.
Government Technology Insider (GTI): Thanks for speaking with us today. Can you tell us a bit about yourself and the role you play at RSA?
Dan Carayiannis (DC): I’m the Public Sector Director for Archer RSA’s Archer platform. RSA helps public sector agencies manage digital risk and protect their critical information and networks as they transform both their infrastructure and workforce to meet the mission. The Archer solution portfolio and platform is our key to ensuring that agencies remain secure against the myriad threats they are facing.
GTI: At the upcoming RSA Public Sector Day, what are some key topics that will be discussed?
DC: Since RSA Public Sector Day will be virtual this year, it’s opened the door for a more robust program. There will be two separate tracks, and RSA CTO, Zulfikar Ramzan will be delivering the keynotes for both tracks. One track was designed specifically for federal government and the other designed for state and local government. The agenda is focused on topics that government organizations are struggling with today, such as resiliency and supply chain security. We’ve made sure that the majority of our panelists and speakers are from government agencies so there’s plenty of opportunity for sharing best practices from ‘in the field.’ A particular highlight will be a presentation from the Deputy Director of the Cybersecurity and Infrastructure Security Agency (CISA) and the DoD.
GTI: You mentioned supply chain security, why has that become such a focus for the public sector?
DC: The “supply chain” has become an even greater priority for government agencies in the past year after a number of significant cybersecurity events. Agencies need to increase their due diligence when it comes to working with various technologies and contractors to ensure that robust cybersecurity protocols, controls and practices are in line with an agency’s own requirements and standards. Agencies need to make sure that all the technologies and contractors they leverage are not only aligned with agency guidelines but are continuously monitored in order to reduce risk.
GTI: How can these concerns about supply chain security be remedied?
DC: The National Institute of Standards and Technology (NIST) has established frameworks and best practices for supply chain security that can be tested and validated to show what an agency is doing to manage technology and contractor risks. The Archer platform can simplify, automate, and manage the contractor and supplier onboarding process by cataloging contractors and suppliers without requiring spreadsheets. The platform can perform risk assessments on vendors, evaluate the findings, document technology dependencies, and apply the results to improve the agency’s risk management posture. Agencies may not have focused extensively on supply chain security in the past, but with the pandemic and various cyber events this past year we’re seeing government organizations working to up their game and Archer has been there to help. I’m really looking forward to the panel discussion on supply chain as well as the rest of the panel discussions during this year’s RSA Public Sector Day.
To learn more about RSA Public Sector Day 2021, click here.