Implementing SaaS Security Guidelines (IR113)
CISA is proud to offer the cybersecurity awareness webinar Implementing SaaS Security Guidelines (IR113). We are excited to share this information with stakeholders across the federal enterprise and nationally.
This webinar is intended for a non-technical audience and anyone involved in the procurement or development of cloud business applications, delivered through a Software as a Service (SaaS) model including: Cloud architects and engineers, Network architects and engineers, Cybersecurity program managers, and Cybersecurity Analysts.
With the increasing use of SaaS applications in Government agencies, and in response to Executive Order 14028 “Improving the Nation’s Cybersecurity”, “CISA in collaboration with the United States Digital Service (USDS) and FedRAMP, developed the Cloud Security Technical Reference Architecture (TRA). This guide will assist agencies as they securely transition to the cloud. In addition, CISA created the Secure Cloud Business Applications (SCuBA) project to provide guidance to address cybersecurity and visibility gaps in FCEB cloud business applications. CISA is proud to present this one-hour webinar introducing strategies to secure SaaS and cloud business applications.
This webinar includes the following information and more:
- Identify and Mitigate Vulnerabilities: Provide knowledge and skills to identify and address cybersecurity challenges in federal cloud business applications, emphasizing a Zero-Trust approach and the integration of various cloud security services.
- Importance of SCuBA Technical Reference Architecture (TRA) and extensible Visibility Reference Framework (eVRF): Define the background and purpose of the SCuBA project and associated guidelines to secure cloud-based business applications.
- MITRE ATT&CK Framework: Explain how the MITRE ATT&CK framework is used to characterize threat sources and Tactics, Techniques, and Procedures specific to cloud platforms.
- Key Guidance for Organizations: Identify specific cloud security guidance and strategies for the implementation of security controls on a SaaS.
- Knowledge Check: The course includes a brief knowledge check section to reinforce key concepts and takeaways.
Event Logistics:
- Date: Wednesday, November 13, 2024
- Time: 11 a.m. - noon EDT
- Location: Online via WebEx
- CPE Credit: Participants can earn 1 CPE credit for attending this course.
- Note: Audio is through WebEx; there is no external dial-in. Closed captioning (English only) will be available during this training event. Previously recorded webinars are available on the CISA YouTube channel for playback in other languages, if required.
If you require a reasonable accommodation to fully participate in this virtual event, please contact cyberinsights@cisa.dhs.gov at least five business days prior to the training with the type of support you need.