Welcome to Episode 43 of Emagine The Future, our 4th of our "This Month in Cyber" series - April 2024 edition.March Catchup (Things we missed):  NIST Unveils New Consortium to Operate its National Vulnerability Database https://www.infosecurity-magazine.com/news/nist-unveils-new-nvd-consortium/ A New Roadmap for FedRAMP  https://www.fedramp.gov/2024-03-28-a-new-roadmap-for-fedramp/ Review of the Summer 2023 Microsoft Exchange Online Intrusion https://www.cisa.gov/sites/default/files/2024-04/CSRB_Review_of_the_Summer_2023_MEO_Intrusion_Final_508c.pdf. Incidents & Breaches: Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services https://thehackernews.com/2024/04/cisco-warns-of-global-surge-in-brute.html?&web_view=true. GPT-4 Can Exploit Most Vulns Just by Reading Threat Advisories https://www.darkreading.com/threat-intelligence/gpt-4-can-exploit-most-vulns-just-by-reading-threat-advisories Regulatory & Government:  New CISA Cybersecurity Incident Reporting Requirements Proposed for Critical Infrastructure Companies https://www.nextgov.com/cybersecurity/2024/03/cisas-proposed-framework-cyber-incident-reporting-rules-includes-subpoena-power/395275/?oref=ngfcw_alert_nl&utm_source=Sailthru&utm_medium=email&utm_campaign=Nextgov/FCW%20Alert%20-%20March%2027%2C%202024&utm_term=newsletter_ng_alert Formal Update: https://www.federalregister.gov/documents/2024/04/04/2024-06526/cyber-incident-reporting-for-critical-infrastructure-act-circia-reporting-requirements NIST issues digital identity update allowing agencies to use synced passkeys , https://federalnewsnetwork.com/technology-main/2024/04/nist-issues-digital-identity-update-allowing-agencies-to-use-synced-passkeys/ Events That Occurred & Events  RSA Conference (May 6-9)  - San Francisco  45th IEEE Symposium on Security and Privacy (May 20-22, 2024 Security and Privacy Workshops will be held on May 23, 202 San Francisco Gartner Security & Risk Management Summit (National Harbor, MD June 3-5)  GRC Summit 2024 Baltimore, June 17 & 18  Subscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 42 of Emagine The Future! On this episode, we are excited to share with you the live recording from the Aquia + AWS 2024 Cloud Compliance Summit held on March 19th, 2024.  Emagine IT was both a sponsor of the happy hour but also a speaking partner. On this episode, you'll be able to tune into the recorded keynote our very own Adam Chun and Erik Dominguez hosted with a group. Key Discussion Points: FedRAMP Post-Authorization & What it Means For Your OrganizationCurrent & Future State of Continuous Monitoring RequirementsFedRAMP PMO Drives Rev5 TransitionConnect with Erik: https://www.linkedin.com/in/erik-dominguez-2589b228/Connect with Adam: https://www.linkedin.com/in/adammchun/Full-Length Video Panel: https://www.youtube.com/watch?v=2ihggDdhmYQ&t=355sSubscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 41 of Emagine The Future! On this episode, we are joined by Ajay Chandhok. Ajay is the CEO & Founder of Stratus Cyber. Leveraging more than two decades of experience spanning the Intelligence Community, defense sector,  federal civilian agencies, and the commercial space, Ajay brings a unique and well-defined perspective. Key Discussion Points: Future of ConMonModernizing Measuring Security Performance Why Our Adversary is Always 2-Steps AheadOver-reliance on Tools Hinder Enterprise Resilience Connect with Ajay:  https://www.linkedin.com/in/ajay-chandhok/Check out Stratus Cyber: https://stratuscyber.com/about-us/Subscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 40 of Emagine The Future our 2nd of our "This Month in Cyber" series - March 2024 edition.February Catchup (Things we missed): NIST 2.0 Cybersecurity Framework: https://www.nist.gov/news-events/news/2024/02/nist-releases-version-20-landmark-cybersecurity-frameworkUS Press release on Future Software should be Memory-Safe: https://www.whitehouse.gov/oncd/briefing-room/2024/02/26/press-release-technical-report/Annual Threat Assessment of the US Intelligence Community Released 2/5/2024: https://www.documentcloud.org/documents/24475399-unclassified-threat-assessment-us-government-2024Microsoft and OpenAI publish a report on Nation-State Hackers using AI for cyber-attacks: https://thehackernews.com/2024/02/microsoft-openai-warn-of-nation-state.htmlIncidents & Breaches: Credential-stealing emails  and Conversation Overflow:  https://www.darkreading.com/cloud-security/conversation-overflow-cyberattacks-bypass-ai-securityNIST National Vulnerability Database Disruption Sees CVE Enrichment on Hold: https://www.infosecurity-magazine.com/news/nist-vulnerability-database/Regulatory & Government: In continuation of last month, FBI and CISA release details on the tactics and techniques threat actors are using to deploy the Phobos ransomware strain on target networks: https://www.darkreading.com/cyberattacks-data-breaches/fbi-cisa-release-iocs-for-phobos-ransomwareNSA's Zero Trust Guidance: https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3695223/nsa-releases-maturity-guidance-for-the-zero-trust-network-and-environment-pillar/Yearly US Intelligence Congress Testimony: https://techcrunch.com/2024/03/11/four-things-we-learned-when-us-spy-chiefs-testified-to-congress/DHS AI Roadmap Plans: https://fedscoop.com/dhs-ai-roadmap/?utm_content=286478443&utm_medium=social&utm_source=linkedin&hss_channel=lcp-1097874Events That Occurred & Events  Philadelphia Cybersecurity Conference, Virtual and Philadelphia, Pennsylvania: April 4 SANS New2Cyber Summit 2024–Central US, Virtual: April 4 – 15 Cybersecurity Implications of AI Summit: North America West Summit, Seattle, Washington: April 16 Google Cloud Next ’24, Las Vegas, Nevada: April 9 – 11 Subscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 39 of Emagine The Future! On this episode, we are joined by Sebastian "Seb" Ewald. Seb is a Founding Partners for Unicorn Strategies, served in the Marine Corp for more than a decade, and have been entrenched in cybersecurity (and cyber warfare) for his entire career. Key Discussion Points: The State of the Threat LandscapeStacking Data & Seeing the Full Picture of RiskUnderstanding our AdversaryCloud & Software Supply Chain Building Enterprise ResilienceConnect with Seb:  https://www.linkedin.com/in/sebastian-ewald/Check out Unicorn Strategies: https://www.unicornstrategies.com/Check out NatSecGirlSquad: https://www.natsecgirlsquad.com/Subscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 38 of Emagine The Future our 2nd of our "This Month in Cyber" series - February 2024 edition. January Catchup (Things we missed): CISA, FBI, and EPA Release Incident Response Guide for Water and Wastewaste Systems Sector Pwn2Own 2024: EVs take on electric vehicles, vehicle chargers, operating systems, and components Fulton County Suffers Power Outages as Cyber Attacks Continue  Incidents & Breaches: China Infiltrates US Critical Infrastructure in Ramp-up to Conflict Ongoing Azure Compromises Target Senior Execs Microsoft 365 Apps Regulatory & Government: CISA Director Jen Easterly gave her opening statement before the House Select Committee on Strategic Competition Between the United States and the Chinese Communist Party. SEC Rules on Cybersecurity Incident Disclosure (July 2023 + Feb 2024 Comments) OWASP Releases LLM AI Security and Governance Checklist V1 Events:Zero Trust World 2024 (threatlocker.com)  February 26 - 28, 2024 Caribe Royale, Orlando, FL SANS 2024 in Orlando, FL | Cyber Security Training  Mar. 24-49, SANS 2024, Orlando, Fla. 2024 USA | RSA Conference  May 6-9, RSA Conference USA 2024, San Francisco, Calif. Black Hat Spring Trainings 2024  Black Hat Spring Training Mar 12, 2024 – Mar 15, 2024 Connect with Erik: https://www.linkedin.com/in/erik-dominguez-2589b228/Connect with Jeremy: https://www.linkedin.com/in/jeremyfrancese/Subscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 37 of Emagine The Future! On this episode, we are joined by Scott Corey, Former Chief Information Officer of the Administration For Community Living (ACL).Key Discussion Points: The State of the Threat LandscapeMoving from On-Prem to the Cloud (to position for future)Project and Program Level Governance Leveraging Artificial Intelligence to Enabled Decision SupportConnect with Scott:  https://www.linkedin.com/in/jscottcory/Subscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 36 of Emagine The Future! On this episode, we are joined by our good friend Charles Rush, Founder of Rush IT and Mentor in Blacks in Cybersecurity. Key Discussion Points: The State of Vulnerability ManagementThe Threat Landscape & Its Impact on SMBsThe State of Cybersecurity in 2024Mentorship & Giving BackConnect with Charles:  https://www.linkedin.com/in/charles-rush-83664312/Check out Rush IT:  https://www.rushitllc.com/Subscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 35 of Emagine The Future! On this episode, we are joined by Jothi Dugar. With over 25 years of experience, Jothi Dugar is a leading federal government executive that takes pride in being a global change agent for human centric approaches to Technology and Cybersecurity.  She is currently the Acting Deputy Director at the NIH Center for Information Technology and was previously a Chief Information Security Officer at the NIH for over ten years. She is a catalyst for change, inspiring transformational leadership as a holistic wellness specialist, certified life coach, international best-selling author, motivational speaker, dance director, and a mom of three. Jothi is passionate about empowering women to take charge of their lives and break through the glass ceiling.Key Discussion Points: Overcoming Adversity (When The Odds Are Stacked Against You)Growing From Individual Technical Contributor to Team LeadCross Training To Build Resilience, Workforce Planning, and CultureLeading With Vulnerability (Takes Courage But Can Be Powerful)Connect with Jothi Dugar:  https://www.linkedin.com/in/jothi-dugar-the-chaos-guru-971816/Subscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 34 of Emagine The Future! On this episode, we launch our brand new "This Month in Cyber" format, a monthly catch-all as it relates to:Recent Incidents, Hacks, and BreachesRecent Policy & Regulations Releases or UpdatesNew and Interesting Tool/Tech ReleasesUpcoming Events (next 60-90 days)Key Segments:0:00-1:30: Introducing New Format (This Month in Cyber)2:00-25:30: January Incident, Hacks, and Breaches 25:30- 40:00: Policy & Regulations (GAO’s FedRAMP Review and Pending Release of New Pen Testing Requirements)41:00-43:30: Cyber Events Coming Up (Rocky Mt. Cyber & 2024 Cloud Compliance Summit)Connect with Erik: https://www.linkedin.com/in/erik-dominguez-2589b228/Connect with Jeremy: https://www.linkedin.com/in/jeremyfrancese/Subscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 33 of Emagine The Future! On this episode, we are joined by Nicholas Swartz, former Army Deep Sea Diver turned Cloud Enthusiast, who went from leading deep sea dive teams in Kuwait to ECMA - Enterprise Cloud Management Agency in the US Army, where he currently serves as  Cloud Services Division Project Manager. Key Discussion Points: Similarities Between Working in Deep Sea Diving & Cloud TechnologyOne Trait Great Teams Have in CommonPlanning & Execution from US Deep Sea Dive Commander to Cloud Project ManagementBreaking Down SilosCommunication in Hybrid & Virtual Work EnvironmentsKnowing The Real Problem You're SolvingConnect with Nic Swartz:  https://www.linkedin.com/in/nicholas-g-swartz/Connect with Us: https://www.linkedin.com/company/emagine-it-inc-/posts/Subscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 32 of Emagine The Future! On this episode, we are joined by Major Julie Clavier, former Cyber Defense Branch Chief for the Air Force Air Mobility Command (AMC). Key Discussion Points: The Intersection of Video Games & Cyber OperationsCountering Misinformation to Build ResilienceChanging Jobs & Managing RelocationThe Evolving Definition of “Qualified Talent”Collaborating Cross Domain & Cross Function To Support the MissionBridging the Gap With Younger GenerationsConnect with Major Clavier:  https://www.linkedin.com/in/jeclavier/Connect with Us: https://www.linkedin.com/company/emagine-it-inc-/posts/Subscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 31 of Emagine The Future! On this episode, we share with you the live recording from our 2023 Year In Review: Cyber Edition Panel with:• Bilal Baisa - Chief Information Security Officer, NTIS• Chris Hughes – President of Aquia and CISA Fellow• Husein Sharaf – CEO & Founder of Cloudforce• Erik Dominquez – Senior Manager, Penetration Testing and FedRAMP, Emagine ITDuring this 60-minute webinar we reflect on the year that was, take stock of where we are today, and look forward to the year ahead to ensure readiness.  Key Discussion Points:  Anchor the Conversation - POV Entering 2023  Artificial Intelligence (state of conversation, October Executive Order, LLM’s contribution to democratizing AI and the impact on the security, impact on FedRAMP + Red/Blue teams)Software Supply Chain Security and Vulnerability ManagementZero Trust2024 PredictionsConnect with Us: https://www.linkedin.com/company/emagine-it-inc-/posts/If you're enjoying the show, please leave a review so we can continue to add value to this valuable community. Subscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 30 of Emagine The Future! On this episode, we are joined by Joe Falcione.  By day, Joe serves as the Branch Chief, End-User Services for the National Archives and Records Administrations, and by night, the Owner of  Reliant Films, his production company where he films, writes, directs, and more. During the conversation,  discuss Joe's unique journey as a creative who took a different path, enlisting in the US Army, how managers and employees can create great outcomes while giving people their flowers, as well as key topics:Key Discussion Points: Pursuing Challenging Problems (Risk vs. Reward)Learning To Manage-Up To Create Career OpportunitiesDifference Between Good Managers & Great ManagersBetting on Yourself How To Set Up Technology Modernization For SuccessConnect with Joe: https://www.linkedin.com/in/joe-falcione-3533698/Connect with Us: https://www.linkedin.com/company/emagine-it-inc-/posts/Subscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 29 of Emagine The Future! On this episode, we are joined by Shane Gallagher, Founder & CEO of CyberVets.org, live from our November 11th, 2023 inaugural Emagine The Future Capture The Flag Event at Loyola University Maryland After we finished our Series of Fireside chats, Shane joined us to discuss his story in greater detail, as well as unpack topics such as:Key Discussion Points: Developing an Obsession for Cyber TrainingUnderstanding How People LearnVision of the Future of CyberThe Evolution of Training & DevelopmentConnect with Dr. Gallagher: https://www.linkedin.com/in/psgallagher/Connect with Us: https://www.linkedin.com/company/emagine-it-inc-/posts/Subscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 28 of Emagine The Future! On this episode, we are joined by Thomas Schankweiler, Director of Information System Security at the Centers for Medicare & Medicaid Services live from our November 11th, 2023 inaugural Emagine The Future Capture The Flag Event at Loyola University Maryland After we finished our Series of Fireside chats, Tom joined us to discuss his story in greater detail, as well as unpack topics such as:Key Discussion Points: State of Threat LandscapeLeading Teams & Fostering Healthy DebateVision of the Future of CyberConnecting Cyber To the Business (Not Just The IT)Value of Being In-Person & Meeting PeopleConnect with Tom: https://www.linkedin.com/in/thomas-schankweiler/Connect with Us: https://www.linkedin.com/company/emagine-it-inc-/posts/If you're enjoying the show, please leave a review so we can continue to add value to this valuable community. Subscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 27 of Emagine The Future! On this episode, we are joined by Brian Wilson, Organizational Change Manager at SEC (U.S. Securities and Exchange Commission).During this conversation, we discussed Brian's unique story at the intersection of people, processes, technology, and creativity, as well as the following topics:Key Discussion Points: Career Advice on Navigating Being Laid OffManaging Organizational ChangeThe Role Listening Plays in Effective Change ManagementManaging Resistance to ChangeArticulating The Value Proposition of ChangeConnect with Brian: https://www.linkedin.com/in/brianadrian85/Connect with Us: https://www.linkedin.com/company/emagine-it-inc-/posts/If you're enjoying the show, please leave a review so we can continue to add value to this valuable community. Subscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 26 of Emagine The Future! On this episode, we are joined by Husein Sharaf, CEO and Founder of Cloudforce. During this conversation, we discussed Husein's unique story from graduating high school at 16, finding a way to pay for rent, and how an early job at the computer store served as the gateway to today where he leads Cloudforce, a rapidly growing Azure cloud consultancy. Key Topics: Current State of Cloud Why Cloudforce Bet on Azure over AWSQualities of Great ConsultantsGrowing a business from independent consulting to 50+ people Creating a Culture of GrowthConnect with Husein: https://www.linkedin.com/in/husein-sharaf/Connect with Us: https://www.linkedin.com/company/emagine-it-inc-/posts/If you're enjoying the show, please leave a review so we can continue to add value to this valuable community. Subscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 25 of Emagine The Future! On this episode, we have something different that we are confident you'll love.  Last Saturday, November 11th, we hosted 58 college students from 10 different universities for our 1st Capture The Flag (CTF) cyber competition at Loyola University Maryland.Including people who came to watch it, we hosted more than 80 people across industry, government, and academia.Before the CTF was kicked off, we opened the day with a breakfast discussion driven by a series of interactive fireside chats with cybersecurity leaders from the financial Fortune 500, the intelligence community, the defense sector, and healthcare. This gave the students time to hear firsthand what it takes to achieve success at a high level in the world of cyber and walk away with something actionable to help them make their mark.Included here is the full-length recording of the 4 fireside chats, including the audience Q&A.Our speakers included: Gabe Pearson: Senior Cyber Security Analyst at T. Rowe PriceTravis “JT” Dill: CyberVets Founder and Former NSA and Navy Cryptologic Warfare Officer Thomas Schankweler:  Director of the Division of Cyber Threat and Security Operations at Centers for Medicare and Medicaid Services Major Michael Kranch: Cyber Operations Officer U.S. ArmyConnect with Us: https://www.linkedin.com/company/emagine-it-inc-/posts/If you're enjoying the show, please leave a review so we can continue to add value to this valuable community. Subscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/

Welcome to Episode 24 of Emagine The Future! On this episode, we release the audio exclusive from an EIT Cyber News Break where our very own senior cyber expert, Erik Dominguez joins us to discuss the 1st ever-release of the Federal Emergency Management Agency (FEMA) and the Cybersecurity and Infrastructure Security Agency (CISA) joint guide Planning Considerations for Cyber Incidents. Key Topics: What is this product and what is its intended purpose?Why would FEMA & CISA develop and release this type of product? What could this indicate moving forward?What is expected to be the response from the industry?What should emergency and cyber professionals be doing immediately following the release of the guidelines?Connect with Us: https://www.linkedin.com/company/emagine-it-inc-/posts/If you're enjoying the show, please leave a review so we can continue to add value to this valuable community. Subscribe on YouTube: https://www.youtube.com/@EITisCyberConnect on LinkedIn: https://www.linkedin.com/company/emagine-it-inc-/posts/