This week the National Institute of Standards and Technology
(NIST) updated the draft agenda for their 2016
Cybersecurity Framework Workshop next month. The new agenda (.PDF)
expands the information available on the topics to be discussed. My earlier
post on this workshop can be found here.
The first day of the workshop (April 5th) is
primarily designed for attendees who are not completely familiar with the
Cybersecurity Framework (CSF) or the methodology that NIST used to develop the
CSF. There will be two separate (but identical) Framework overviews presented
by NIST. Attendance is obviously optional.
During the remainder of the 3-day workshop there will be
three panel discussions and a number of working sessions. The panels will
include:
• NIST Panel RFI Readout;
• Framework Use (Red Auditorium);
• International Alignment (Red
Auditorium);
• Maritime Framework Profile (Green
Auditorium);
• Cybersecurity Insurance (Red
Auditorium); and
• State, Local, and Tribal Framework Use (Red
Auditorium)
Based upon past NIST CSF workshops the working sessions will
typically be led by NIST personnel, but will focus on audience participation
and input. Topics for the working sessions will include:
• Roadmap Items – Privacy and Civil
Liberties, International Alignment;
• RFI Topics – Governance,
Framework Update;
• Special Topics in Framework Use –
U.S. Coast Guard Framework Profile;
• Roadmap Items – Supply Chain Risk
Management, Confidence Mechanisms;
• RFI Topics – Governance,
Framework Update, Best Practice Sharing;
• Roadmap Items – Workforce and
Education, Automated Indicator Sharing;
• RFI Topics – Governance,
Framework Update, Best Practice Sharing;
• Special Topics in Framework Use –
FFIEC Cybersecurity Assessment Tool;
• Roadmap Items – Authentication,
Federal Agency Cybersecurity Alignment;
• RFI Topics - Framework Update;
and
• Special Topics in Framework Use –
CSIP Recover Publication
This agenda may be refined somewhat more as the dates
approach, but based upon past workshops, this will be pretty much what will be
going on. Before the workshop starts I expect that we will have at least a
preliminary assessment by NIST of the RFI Comments.
Posts
No comments:
Post a Comment