Skip Navigation

The U.S. Military generates data at unprecedented rates, all the time, and in various locations from core data centers to the cloud to the tactical edge. Data drives everything. The Defense Department needs the flexibility to use its aggregated data for multi-domain operations without compromising security.

Join Brent Hansen and Col. Carl Young for a fireside chat discussing multi-domain data protection. These two data experts will share insightful best practices that will help attendees tackle their data strategy.

Discussion topics include:

  • Identifying risk points throughout the lifecycle of data.
  • Incorporating data security into an existing enterprise architecture.
  • Protecting data in compromised environments.
  • Planning for secure data migrations to the cloud.

This webinar has been approved by CertNexus for 1 CEC for CyberSec First Responder and by CompTIA for 1 CEU for A+, Network+, Security+, Linux+, and Cloud+.

Watch Now

During this webinar, attendees learned how to develop a three-point strategy for protecting sensitive data in their organization. Attendees also learned about:

  • Data security challenges in the age of data proliferation
  • Strategies to discover and classify critical data
  • Data-centric security best practices

Watch Now

In January, the National Security Agency issued its first Cybersecurity Year in Review, detailing the agency’s progress in preventing and removing threats to U.S. systems and critical infrastructure in 2020.

The emergence of COVID-19 made Intelligence Community efforts to improve cybersecurity a critical element in the nationwide effort to contain the pandemic. The widespread implementation of telework, by both the private sector and all levels of government, expanded the attack surfaces for bad actors.

Operation Warp Speed, the program developing vaccines to protect the U.S. and the world, required protection from malicious interests. Similarly, the 2020 presidential election needed to be secured from foreign interference.

Join us for an in-depth examination of ways to mitigate risk in critical systems and cyber environments in these volatile times.



 Matthew Riddle
 Deputy Chief Information Officer,


 Gary Buchanan
 Chief Information Security Officer,


 Brent Hansen
 Chief Technology Officer,
 Thales Trusted Cyber Technologies


 Michael Kennedy 
 Discussion Moderator, and
 Senior National Intelligence Service Officer (ret.) 

Learning Objectives    

  • Outline the steps to adopting a Zero Trust architecture.
  • Detail the key principles for protecting data from the data center to the cloud.
  • Delineate requirements to manage supply chain risks.
  • Analyze methods for identifying internal and external breaches and containing their spread.

Watch Now

Cloud Service Providers (CSPs) emphasize the shared responsibility model for securing data in the cloud and meeting compliance requirements for information protection. CSPs own the responsibility to secure the infrastructure that runs their cloud services. Data owners are responsible for protecting the confidentiality, integrity, and availability of their data in the cloud. Making sure that this data is safe from unauthorized access requires organizations to consider not only the physical and logical security of the CSP but also who is encrypting the data; when and where the data is being encrypted; and who is creating, managing, and accessing the encryption keys.

In this session, attendees learned how to reduce the risks associated with storing sensitive data in the cloud. The speaker will address topics such as:

  • Meeting compliance and regulatory mandates
  • Applying customer-owned encryption and key management
  • Deploying a hybrid cloud for increased security
  • Utilizing multiple cloud providers effectively

Download Now

To recap, during this webinar attendees learned how to develop a data classification strategy that enables you to get a clear understanding of what sensitive data you have, where it is located, and its risk exposure. The speakers also discussed topics including:

  • Providing guidance on orchestrating the data discovery and classification planning in your organization
  • Identifying what sensitive data your organization has, where it is, and how it relates to data privacy regulations
  • Understanding and defining data sensitivity levels as part of an impact analysis exercise
  • Providing guidance on the remediation process
  • Identifying the main roles and responsibilities related with this process

Watch Now

Files from the web are network assassins. Here are no-excuse defenses.

As of 2018, supply chain attacks have increased 78%. By infiltrating a supply chain network, attackers can spread malware throughout connected networks and devices.

Governments worldwide have been affected by supply chain attacks facilitated through the spread of an evasive and malicious software update file. In a recent attack, bad actors successfully programmed trojanized update files with a dormancy period of up to 2 weeks and temporary file replacement techniques in order to evade detection.

Almost all successful attacks use malware hidden in a file or attachment at some point in their attack strategy. If you wait for detect and response actions, you are probably a statistic. Put technology to work to ensure files are safe to enter. Don't be the weak link in anyone's supply chain or, worse yet, your own weak link.

Join Votiro's Director of Engineering, Richard Hosgood, and Thales Trusted Cyber Technologies' CTO, Brent Hansen, to learn:

  • How file attestation can be used to verify file integrity before downloading files to the network. 
  • How web isolation prevents compromised browsers from downloading malicious code. 
  • How Positive Selection technology proactively removes malicious code—including zero-days—from any files without removing active content or compromising user experience. 

Watch Now

Teradata databases and big data analytics enable agencies to leverage information to fuel improved decisions, services, and results. However, Teradata-powered environments can bring together a wide range of data repositories—including those that contain sensitive assets. Without proper protections, these sensitive assets can inadvertently be exposed by privileged administrators, or be the target of theft by malicious insiders and external attackers.

Download a replay to learn how to secure your agency's Teradata databases and big data environments. The session will discuss how to:

  • Centrally manage encryption across your Teradata environments—including the Teradata database and Teradata Appliance for Hadoop
  • Enforce granular controls to enable administrators to perform operational tasks, without accessing sensitive data
  • Centrally manage encryption keys and policies
  • Boost security without compromising the value of big data analytics
  • Establish protections against cyberattacks and abuse by privileged users
  • Reduce costs and administrative overhead relative to other data protection solutions for Teradata

Watch Now

During this webinar attendees learned how Thales Trusted Cyber Technologies' Luna Credential System introduces a new approach to multi-factor authentication by maintaining user credentials in a centralized hardware device that is securely accessible by endpoints in a distributed network.

The session discussed how the Luna Credential System can address multi-factor authentication challenges such as:

  • Issuing hardware-based identity credentials to NPEs and software robots
  • User authentication across the mobile workforce and a disparate variety of devices
  • Credential data protection to mitigate the risk of accidental loss or intentional compromise of a physical token
  • Digital signatures issuance for humans and NPEs
  • OMB Memo M-19-17, DoD Instruction 8520.3, and NIST 800-63-2 E Authentication compliance

Watch Now

Zero Trust is not just another buzzword in a never-ending list of tech trends. The principles of zero trust eliminates the binary trust/don't trust approach applied to users and assets in yesterday's on-premise, perimeter-centric environments.

According to a recent survey, 100% of U.S. Federal Government agencies are storing sensitive data in third-party cloud, mobile, social, big data and IoT platforms, which inherently makes data vulnerable. Traditional perimeter protection does not protect off-premise data, which speaks to the need to take a zero trust approach to data security.

Attend this webinar to learn about the best practices for implementing a zero trust architecture to protect your most sensitive data despite the dissolving perimeter. The webinar will discuss the top 5 things you need to know about zero trust:

1.           The basics. What is zero trust and how does it apply to data security

2.           Setting the stage. How digital transformation can make data vulnerable

3.           Getting to work. Tips for putting zero trust architecture into action

4.           What about the cloud? Implementing zero trust in a multi-cloud environment

5.           Pulling it all together.  How to develop a long term strategy to protect data throughout its lifecycle


  • Nicholas Jovanovic, Senior Vice President of Sales, Thales Trusted Cyber Technologies, Moderator
  • Brent Hansen, Chief Technology Officer, Thales Cyber Technologies
  • Steven Hernandez, Chief Information Security Officer, Department of Education

Download Now

Government agencies' digital transformation has vastly increased the complexity of security. Technologies such as cloud computing, AI, IoT, analytics, machine learning, and edge computing open up more vulnerabilities and areas for cyber-attack. Sensitive data is at a greater risk than ever before.

The importance of integrity, confidentiality, and trust 

A strong foundation for digital security means you are protected without compromising agility, usability, or scalability so that you can meet the high demands of regulations and audit requirements. Ensuring you cryptographic keys and digital identities are always secure and establishing integrity, confidentiality, and trust between devices, users, and data are critical.

Attend this webinar to learn to implement a strong root of trust to secure the most sensitive data. We will discuss how hardware security modules (HSMs): 

  • Secure critical data and digital identities 
  • Support a variety of well-known and emerging cybersecurity use cases 
  • Address compliance needs 
  • Secure your infrastructure, network, devices, applications, and data regardless of where they are located

Download Now

No matter where or how the people in your organization work, there is always the need to share and sync files - both internally and externally. While you want to enable collaboration, data security should always be the first priority. If it’s not, the risk of non-compliance and data breaches become a serious problem.

Attend Thales TCT’s upcoming webinar to learn about Thales SureDrop, the most secure file sharing tool with 100% control over data sovereignty. We will discuss how SureDrop allows people to store, share and sync all their files in the Cloud or on premises with an enterprise-class solution and defense-grade security.

Watch Now

File-borne attacks are on the rise, and 80% of successful breaches are new, unknown, or zero-day attacks that are not recognized by traditional signature-based detection solutions, such as antivirus. An example of this is an April 2020 attack that delivered Dridex ransomware to FedEx, UPS, and DHL customers. Sophisticated phishing emails—cleverly disguised to appear to be from company email accounts were sent with legitimate-looking attachments that delivered the payload. This threat's signature was not recognized in antivirus databases for 2 entire days, leaving the business' vulnerable.

In the past, detection and alert-based security tools were best-in-class. But in a world of zero-days and an overwhelming amount of attacks, these solutions miss massive quantities of threats—as much as 40%—leaving security teams fighting both alert fatigue and new threats from all fronts.

In this talk, Brent Hansen, Thales TCT's CTO, and Richard Hosgood, white hat hacker and North American Director of Engineering at file security company, Votiro, dissects the April 2020 phishing attack, the gaps that antivirus and next-generation antivirus leave for unknown and zero-day threats, and how an emerging technology called Positive Selection technology can prevent these types of attacks.

Download Now

Certificate-based, multi-factor authentication is a mainstay security technique used by the U.S. Federal Government to secure access to agency networks, protect the identities of users, and ensure that a user is who they claim to be.

Evolving needs around cloud applications and mobile devices, combined with rising threats, and the need to reduce costs, require entirely new considerations for access control.

View this on-demand recording to hear from Thales TCT, and their partner Intercede, where you will have the opportunity to learn how to strengthen your authentication and address topics such as:

  • Gaining better self-control of data
  • Improving management and visibility
  • Addressing access security methods of any user and any risk level
  • Deploying future-ready solutions to address evolving business needs

Download Now

We are at digital war and data is the target. No organization is immune from data security threats and the US Federal government is no exception. More than half of federal data is now stored in the cloud, and a significant portion is sensitive. Yet, despite this exposure, in the 2020 Thales Data Threat Report 99% of federal government respondents say at least some of their sensitive data in the cloud is not encrypted. IT security departments must now, more than ever, embrace and own their portion of the cloud shared responsibility model and implement data security best practices, as the cloud provider does not guarantee security at the data level. This digital event highlighted results from the 2020 Thales Data Threat Report and explored best practices for securing data in cloud and multi-cloud environments.

Download Now

U.S. Federal agencies often require PKI certificate-based authentication to perform Windows Logon and to access public key enabled systems. This requires use of a multi-factor authentication token that performs a cryptographic operation using the certificate and keys residing within the token.

Traditional multi-factor authentication introduces roadblocks to technologies like Robotic Process Automation (RPA). The OMB Memo M-19-17 outlines a policy that requires management of digital identities of non-person entities such as software robots. This means that all software robots are required to have individual digital identities and credentials that are managed in the same fashion as traditional user identities. Although software robots cannot be issued a physical token, they can utilize multi-factor login capabilities through the use of a centralized, hardware security module-based authentication system.

View this webinar to learn how Thales TCT’s Luna Credential System integrates with UiPath’s RPA platform to provide hardware-protected PKI credentials for software robots. The session will discuss topics including:

  • An introduction to RPA
  • RPA cryptographic authentication best practices
  • OMB Memo M-19-17 compliance RPA
  • RPA Defense Department Implementation Overview

Watch Now

Historically, organizations have taken a perimeter based approach to cyber security, with the belief that a strong perimeter protected the IT infrastructure behind it. But, as agencies modernize legacy systems and move apps, systems and workloads to the cloud – and more employees, contractors and citizens connect remotely and from multiple devices – something is happening across federal networks; the perimeter is dissolving. Data is the new perimeter. Therefore, identifying and protecting data wherever it is created, shared, or stored, through its entire lifecycle becomes the priority. This digital briefing unveiled the survey results in the 2020 Thales Data Threat Report – Federal and shared best practices in creating a cohesive data security strategy in a perimeterless world. 

Watch Now

With cloud and digital initiatives underway throughout U.S. Federal agencies, new attacks occurring daily, and traditional threats, many agencies are struggling to protect critical citizen data, financial information and government secrets. This is especially true as more agencies move applications and sensitive data to the cloud. In this session we’ll address the state of data security in U.S. Federal agencies today, the changing landscape of risks to data, and agency IT security pros priorities for data security today.

Based on the results from the 2020 Thales Data Threat Report – Federal Edition (now in its eighth year), expect to learn about:

• How the adoption of digital transformation technologies, and especially cloud, are putting sensitive data at greater risk
• The data security challenges facing agencies today
• Critical analyst recommendations for how agencies can be most effective when investing in protecting their crown jewels – their sensitive data

Download Now

Federal agencies require a simple way to correlate all security-relevant data so they can manage their security posture. Instead of merely watching events after they occur, agencies should anticipate their occurrence and implement measures to limit vulnerabilities in real time. For that, agencies need an analytics-driven SIEM platform such as Splunk.

However, once data is correlated by SEIM tools, it becomes extremely valuable. By integrating an encryption and key management solution such as Vormetric Data Security Platform with Splunk, agencies can ensure that their operational intelligence is protected from surreptitious attacks.

View this on-demand recording with Thales TCT to learn how to protect Splunk indexes and provide enhanced visibility on the processes and users who are accessing protected data.

Download Now

Thales Trusted Cyber Technologies, offers a network security solution that provides high-assurance data protection; dedicated encryption devices from 100Mbps to 100Gbps, support for multiple network and protocol configurations, secure key management, and authenticated end-to-end encryption.

During this on-demand webinar, you will have the opportunity to learn about:

  • Thales High Speed Encryption product line
  • High Speed Encryption use cases and network configuration
  • High Speed Encryption enterprise management
  • Transport Independent Mode

Download Now

Attendees of this webcast learned how to easily secure data in a virtual environment through encryption in order to:

  • Ensure compliance with regulations and security policies
  • Protect directory services and intellectual property
  • Secure data in disaster recovery sites

Download Now

Attendees of this SafeNet Assured Technologies, Carahsoft, Emergent and V3Gate webinar learned how to apply the Encrypt Everything philosophy to protect PHI data. We broke down the HIPAA mandate and taught participants how to implement best practices to address key regulations, such as:

  • Workforce and workplace security
  • Information access management
  • Contingency plans
  • Personal and entity authentication 
  • Transmission security 

Download Now

Attendees of this webcast learned about next generation authentication methods that provide secure access to networks and applications from a variety of devices while ensuring compliance. We also discussed:

  • FISMA Compliance & Electronic Authentication Guidelines
  • HSPD-12 Compliance & PIV Derived Credentials for Remote Identity Populations

Download Now

Attendees of this webcast learned the best practices for Layer 2 network encryption, such as:

  • Protecting networks from fiber tapping threats and private VLAN vulnerabilities
  • Complying with mandates
  • Implementing flexible, future-proof designs
  • Ensuring performance and efficiency
  • Employing a cost effective solution

Download Now

Attendees of this webcast learned about best practices for high speed network encryption. During this time, we explored:

  • Benefits of layer 2 network encryption
  • Utilizing transmission security to protect data in motion
  • Protecting closed-circuit television and video surveillance transmissions
  • Securing point-to-point and point-to-multi point communications

Download Now

Attendees of this webcast learned about best practices for protecting high value data-at-rest, including:

  • Implementing dynamic encryption for data-at-rest protection
  • Centralizing key management to secure and manage encryption keys
  • Separating server administration responsibility from data access and key management

Download Now

Attendees of this webcast learned about best practices for protecting high value data-at-rest, including:

  • Implementing dynamic encryption for data-at-rest protection
  • Centralizing key management to secure and manage encryption keys
  • Separating server administration responsibility from data access and key management

Download Now

Attendees of this webcast learned more about the three-step process to effective data at rest protection. During this time we discussed:

  • How to identify your high value data assets and create a plan to protect them
  • Different encryption methods for structured and unstructured data
  • Importance of key management

Download Now

Attendees of this webcast learned why enterprise key management is a vital component of a robust data security architecture enabling you to:

  • Protect data against physical theft of disk drives
  • Meet compliance and/or audit mandates
  • Protect intellectual property in multi-tenant environments
  • Secure data located in disaster recovery sites
  • Refresh legacy key management solutions
  • Maintain high performance and availability of user files

Download Now

Attendees of this webcast learned how encryption provides a trusted storage security solution for:

  • Data isolation in multi-tenant environments
  • Privileged user risk mitigation
  • Compliance
  • Archived data and intellectual property protection

Download Now

Attendees of this webcast learned why securing encryption keys in a dedicated hardware key manager better protects your data. During this time, we discussed:

  • Vulnerabilities of storing keys on a server
  • Benefits of external hardware key management
  • Importance of separating administrative duties

Download Now

Attendees of this webcast learned more about the:

  • Administrative burden required to manage fragmented key stores and associated lifecycle operations
  • Inability to provide a consistent policy across multiple encryption solutions
  • Importance of enhanced key protection (FIPS 140-2 Level 3) and governance across key lifecycles

Download Now

Attendees of this webcast learned how you can employ a hardware-based digital signature solution to ensure the validity of critical documents with an easy-to-deploy, high-assurance solution using Adobe® LiveCycle® and SafeNet's Luna SA Hardware Security Module, including how to:

  • Guarantee signer authenticity and data integrity
  • Streamline business processes
  • Reduce costs associated with traditional paper-based processes
  • Ensure legal compliance

Download Now

Attendees of this learned how to easily deploy a cost-effective DNSSEC solution that does not increase the burden on DNS administrators and:

  • Boosts security
  • Reduces costs
  • Controls access
  • Maintains application integrity
  • Scales to accommodate high volume processing

Download Now

Attendees of this webcast learned how to protect cryptographic keys by easily integrating hardware security modules to applications in order to secure:

  • PKI/Certificate Services
  • Database and File Encryption
  • Web Services
  • Cloud Services

Download Now

Attendees of this F5 | SafeNet webcast learned how to secure and optimize the delivery of enterprise applications, including how F5's BIG-IP System integrated with SafeNet's Luna SA HSM can:

  • Deliver high performance processing
  • Provide robust security
  • Meet compliance standards
  • Secure the transport layer while improving data center performance

Download Now

During this session, we discussed the best practices for protecting cryptographic keys. Attendees learned how to::

  • Meet compliance mandates such as HIPAA, FISMA, FedRAMP
  • Safely store sensitive data in the cloud
  • Mitigate the insider threat
  • Protect intellectual property in multi-tenant environments

Download Now

Core data center functionality is moving to the field as part of battlefield multi-domain transformation. It is becoming commonplace for command posts, mobile command centers, and even mobile platforms: vehicles, ships, and planes to contain micro data centers that provide new capabilities and services at the cyber-edge to the warfighter. What still needs to be addressed is how to effectively transition existing core cyber security controls so that data is protected in the field when faced with conditions such as:

  • Harsh environments
  • Bandwidth-limited and disconnected environment
  • Supply Chain Security
  • Overrun or hostile scenarios
  • SWaP Constraints

This session will discuss how core cyber security controls can be transitioned to the tactical field in order to safely provide highly sensitive data for command and warfighters at the cyber-edge.

Download Now

This site uses cookies to store information on your computer. Some are essential to make our site work properly; others help us improve the user experience.

By using the site, you consent to the placement of these cookies. For more information, read our cookie policy and our privacy policy.