Saturday, March 19, 2016

NIST Updates CSF Meeting Agenda

This week the National Institute of Standards and Technology (NIST) updated the draft agenda for their 2016 Cybersecurity Framework Workshop next month. The new agenda (.PDF) expands the information available on the topics to be discussed. My earlier post on this workshop can be found here.

The first day of the workshop (April 5th) is primarily designed for attendees who are not completely familiar with the Cybersecurity Framework (CSF) or the methodology that NIST used to develop the CSF. There will be two separate (but identical) Framework overviews presented by NIST. Attendance is obviously optional.

During the remainder of the 3-day workshop there will be three panel discussions and a number of working sessions. The panels will include:

• NIST Panel RFI Readout;
• Framework Use (Red Auditorium);
• International Alignment (Red Auditorium);
• Maritime Framework Profile (Green Auditorium);
• Cybersecurity Insurance (Red Auditorium); and
• State, Local, and Tribal Framework Use (Red Auditorium)

Based upon past NIST CSF workshops the working sessions will typically be led by NIST personnel, but will focus on audience participation and input. Topics for the working sessions will include:

• Roadmap Items – Privacy and Civil Liberties, International Alignment;
• RFI Topics – Governance, Framework Update;
• Special Topics in Framework Use – U.S. Coast Guard Framework Profile;
• Roadmap Items – Supply Chain Risk Management, Confidence Mechanisms;
• RFI Topics – Governance, Framework Update, Best Practice Sharing;
• Roadmap Items – Workforce and Education, Automated Indicator Sharing;
• RFI Topics – Governance, Framework Update, Best Practice Sharing;
• Special Topics in Framework Use – FFIEC Cybersecurity Assessment Tool;
• Roadmap Items – Authentication, Federal Agency Cybersecurity Alignment;
• RFI Topics - Framework Update; and
• Special Topics in Framework Use – CSIP Recover Publication

This agenda may be refined somewhat more as the dates approach, but based upon past workshops, this will be pretty much what will be going on. Before the workshop starts I expect that we will have at least a preliminary assessment by NIST of the RFI Comments.

No comments:

/* Use this with templates/template-twocol.html */