Federal Computer Security Managers’ Forum Meeting
August 19, 2019
NIST Gaithersburg
NIST West Square
NIST Building 101 Ground Floor Map FCSM Quarterly Meeting Overview| 2
NIST-Guest Wireless Network

NIST-Guest is broadcasted; use this network to connect your device.

1. Connect wirelessly to SSID: NIST-Guest
2. Open your browser, as needed.
3. If using iOS (iPhones and iPads), access a web page that does not use https:// to get to the Access and Use Policy.
4. If using Android devices, a web page will automatically open with the Access and Use Policy.

Review the complete Access and Use Policy by scrolling to the bottom of the window. Acknowledge that you agree to the terms identified by selecting ACCEPT.

Device access will be blocked if (1) it is a NIST-owned device; (2) malware or other malicious activity is detected; or (3) inappropriate online behavior is detected.

For more information, see: https://www.nist.gov/oism/access-and-use-nist-guest-network
FCSM Quarterly Meeting Agenda

Time | Agenda Item | Presenter
9:00 a.m. | Welcome and Announcements | Jody Jacobs, FCSM Chairperson, NIST
9:20 a.m. | Building a Security Authorization Strategy for Cloud Service Providers | Jaime Noble, Director for IT Security & Chief Information Security Officer, U.S. Department of Justice, Office of Justice Programs
10:20 a.m. | Break |
10:40 a.m. | FIPS 201-2, Personal Identity Verification (PIV) of Federal Employees and Contractors | Hildegard Ferraiolo, Computer Scientist, Computer Security Division, NIST
11:30 a.m. | ADJOURN FORUM MEETING |

The FCSM forum meeting room will be available until 2:00 p.m. for forum meeting attendees to get together and network, discuss issues among themselves, or ask FCSM/NIST staff about any issues not discussed in the forum meeting. You can bring your lunch or purchase your lunch from the cafeteria and bring it into the room for the networking session.
NIST Update

- Rescinded NIST Special Publications
- NIST FISMA Publication Schedule
- Overlay Repository
- Save the Date: FY19 Meetings, Workshops, and Conferences
NIST Rescinded Publication

On May 31, 2019 NIST rescinded NIST Special Publication 800-64, Security Considerations in the System Development Life Cycle.

- Refer to NIST SP 800-160 Volume 1 for current information about system life cycle processes and systems security engineering.
- NIST intends to develop a white paper that describes how the Risk Management Framework (SP 800-37 Rev. 2) relates to system development life cycle processes and stages.
NIST FISMA Publication Schedule

As of July 2019, NIST is currently working on updating the following publications. Unfortunately, NIST is not able to give a date when these publications will be released for initial/final public draft/final publication. The following list is in alphabetical order and does not indicate publication preference:

- NIST Special Publication 800-18 Revision 2, Guide for Developing System Security Plans
- NIST Special Publication 800-53, Revision 5 (Initial Public Draft), Security and Privacy Controls for Information Systems and Organizations
- NIST Special Publication 800-53A, Revision 5, Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans
- NIST Special Publication 800-53B, Control Baselines and Tailoring Guidance for Federal Information Systems and Organizations
- Federal Information Processing Standard (FIPS) 199, Revision 1, Standards for Security Categorization of Federal Information and Information Systems
- Federal Information Processing Standard (FIPS) 200 Revision 1, Minimum Security Requirements for Federal Information and Information Systems

https://csrc.nist.gov/Projects/Risk-Management/Schedule
NIST Security Control Overlay Repository (SCOR)

Active NOW!

- NIST SCOR provides stakeholders a platform for voluntarily sharing security control overlays.
- Level of detail in overlay at discretion of the organization.
- The overlay repository is organized into categories of overlays based on the submitting organization: government-wide; public (submitted by a .com, .edu, or .org); and NIST-developed.
- Government-wide category consists of submissions from federal, state, tribal, and local governments.
- Public category consists of submissions from commercial, educational, or non-profit organizations.
- NIST-developed category consists of submissions developed by NIST.

https://csrc.nist.gov/Projects/Risk-Management/scor
NIST Security Control Overlay Repository (SCOR) Submission Process

- Organizations sanitize overlay for public review and ensure consistency with 800-53 security controls.
- Organizations complete and submit the following documents to overlays@list.nist.gov:
  - Overlay submission form
  - SCOR participation agreement (for Public organizations) or SCOR participation agreement (for Federal organizations) with management approval (digital signatures are accepted)
  - Organization Overlay in either Excel, Word or PDF format
- NIST reviews overlay for consistency with NIST standards and guidelines.
- Overlay is posted on SCOR Website.
- Organizations are notified of posting and are responsible for letting NIST know of any updates.
- If overlay is not updated within one year of a new SP 800-53 version being published, it will be removed and/or archived.

All submissions/Questions: overlays@list.nist.gov
Upcoming Meetings, Workshops and Conferences - Save the Date!

Ongoing: Request Input for FCSM Topics and Speakers!

- Theme for 2020 2-day conference
- Volunteer for presentation, talk about your program, innovative solution showcase!
- Send to sec-forum@nist.gov

Privacy Engineering Program Events at https://www.nist.gov/itl/applied-cybersecurity/privacy-engineering/events

Next FCSM Quarterly Meeting

- November 19, 2019 @ NIST Gaithersburg
- February 18, 2020 @ NIST Gaithersburg
- April 21, 2020 @ NIST Gaithersburg

For more information: https://csrc.nist.gov/Projects/Forum