FEDERAL COMPUTER SECURITY MANAGERS FORUM MEETING FEBRUARY 6, 2020 NIST WEST SQUARE NIST GAITHERSBURG
NIST Building 101 Ground Floor Map FCSM Quarterly Meeting Overview| 2
NIST-Guest Wireless Network
• NIST-Guest is broadcasted; use this network to connect your device.
  1. Connect wirelessly to SSID: NIST-Guest
  2. Open your browser, as needed.
  3. If using iOS (iPhones and iPads), access a web page that does not use https:// to get to the Access and Use Policy.
  4. If using Android devices, a web page will automatically open with the Access and Use Policy.
• Review the complete Access and Use Policy by scrolling to the bottom of the window. Acknowledge that you agree to the terms identified by selecting ACCEPT.
• Device access will be blocked if (1) it is a NIST-owned device; (2) malware or other malicious activity is detected; or (3) inappropriate online behavior is detected.
For more information, see: https://www.nist.gov/oism/access-and-use-nist-guest-network

FCSM Quarterly Meeting Agenda
Time: Agenda Item (Presenter)
• 9:00 a.m.: Welcome and Announcements (Jody Jacobs, FCSM Chairperson, NIST)
• 9:20 a.m.: Information Security Continuous Monitoring (ISCM) Program Assessment (Chad Baer, Section Chief, Architecture and Standards, Cybersecurity and Infrastructure Security Agency (CISA); Victoria Pillitteri, Computer Scientist, NIST)
• 10:20 a.m.: Break
• 10:40 a.m.: Making the Right Connections: An Overview of Trusted Internet Connection (TIC) 3.0 (Sean Connelly, TIC Program Manager and Senior Cybersecurity Architect, Cybersecurity and Infrastructure Security Agency (CISA))
• 11:30 a.m.: ADJOURN FORUM MEETING

NIST Update Agenda
• NIST FISMA Publication Schedule
• NIST Special Publication (SP) 800-137A
• Security Control Overlay Repository (SCOR)
• Advancing Cybersecurity Risk Management Conference (ACRM)
• Save the Date: Upcoming Meetings, Workshops, and Conferences

NIST FISMA Publication Schedule
• At this time, NIST is not updating our publication dates due to a review cycle being incorporated by the Office of Management and Budget, Office of Information and Regulatory Affairs. We will announce these documents as they are cleared for publication.
• The references that are affected by this include the following publications:
  • NIST Special Publication 800-18, Revision 2, Guide for Developing System Security Plans
  • NIST Special Publication 800-53, Revision 5 (Final Public Draft), Security and Privacy Controls for Information Systems and Organizations. Currently in review at the Office of Management and Budget, Office of Information and Regulatory Affairs.
  • NIST Special Publication 800-53A, Revision 5, Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans. On hold until review cycle completion of SP 800-53 by Office of Management and Budget, Office of Information and Regulatory Affairs due to dependencies on SP 800-53.

NIST FISMA Publication Schedule (cont)
  • NIST Special Publication 800-53B, Control Baselines and Tailoring Guidance for Federal Information Systems and Organizations. On hold until review cycle completion of SP 800-53 by Office of Management and Budget, Office of Information and Regulatory Affairs due to dependencies on SP 800-53.
  • Federal Information Processing Standard (FIPS) 199, Revision 1, Standards for Security Categorization of Federal Information and Information Systems. On hold until review cycle completion of SP 800-53 by Office of Management and Budget, Office of Information and Regulatory Affairs due to dependencies on SP 800-53.
  • Federal Information Processing Standard (FIPS) 200, Revision 1, Minimum Security Requirements for Federal Information and Information Systems. On hold until review cycle completion of SP 800-53 by Office of Management and Budget, Office of Information and Regulatory Affairs due to dependencies on SP 800-53.
  • NIST Special Publication 800-161, Revision 1, Supply Chain Risk Management Practices for Federal Information Systems and Organizations. On hold until review cycle completion of SP 800-53 by Office of Management and Budget, Office of Information and Regulatory Affairs due to dependencies on SP 800-53.
  • NIST Special Publication 800-171, Revision 2, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. On hold until review cycle completion of SP 800-53 by Office of Management and Budget, Office of Information and Regulatory Affairs due to dependencies on SP 800-53.
  • NIST Special Publication 800-171B, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations: Enhanced Security Requirements for Critical Programs and High Value Assets. On hold until review cycle completion of SP 800-53 by Office of Management and Budget, Office of Information and Regulatory Affairs due to dependencies on SP 800-53.
https://csrc.nist.gov/Projects/Risk-Management/Schedule

NIST SP 800-137A, Assessing Information Security Continuous Monitoring (ISCM) Programs: Developing an ISCM Program Assessment
• Approach for the development of ISCM program assessments that can be used to evaluate ISCM programs that were developed in accordance with NIST SP 800-137
• Released for public comment on 1/13/2020
• Comments due 2/28/2020

NIST Security Control Overlay Repository (SCOR)
• Active NOW!
• NIST SCOR provides stakeholders a platform for voluntarily sharing security control overlays
• Level of detail in overlay at discretion of the organization
• The overlay repository is organized into categories of overlays based on the submitting organization: government-wide; public (submitted by a .com, .edu, or .org); and NIST-developed.
  • Government-wide category consists of submissions from federal, state, tribal, and local governments.
  • Public category consists of submissions from commercial, educational, or non-profit organizations.
  • NIST-developed category consists of submissions developed by NIST.
https://csrc.nist.gov/Projects/Risk-Management/scor

NIST Security Control Overlay Repository (SCOR) Submission Process
• Organizations sanitize overlay for public review and ensure consistency with 800-53 security controls
• Organizations complete and submit the following documents to overlays@list.nist.gov:
  • Overlay submission form
  • SCOR participation agreement (for Public organizations) or SCOR participation agreement (for Federal organizations) with management approval (digital signatures are accepted)
  • Organization overlay in either Excel, Word or PDF format
• NIST reviews overlay for consistency with NIST standards and guidelines
• Overlay is posted on the SCOR website
• Organizations are notified of posting and are responsible for letting NIST know of any updates
• If overlay is not updated within one year of a new SP 800-53 version being published, it will be removed and/or archived.
All submissions/questions: overlays@list.nist.gov

Advancing Cybersecurity Risk Management Conference (ACRM)
• Share and explore cybersecurity risk management best practices and recent research.
• Open to federal and non-federal professionals
• Enable NIST to receive and discuss stakeholder input on key cybersecurity and privacy risk management topics.
• Similar to Baltimore NIST Cybersecurity Risk Management Conference in November 2018
• Registration now open!!!!
• To attend the NIST Cybersecurity Risk Management Conference, the price is $194.00. The Webcast Only Registration price is $80.00.
• Registration closes 5/20/2020
For more information: https://go.usa.gov/xdqnx

Upcoming Meetings, Workshops and Conferences - Save the Date!
• Privacy Engineering Program Events at https://www.nist.gov/itl/applied-cybersecurity/privacy-engineering/about
• Privacy Engineering Framework v. 1.0
  • Released January 16, 2020
  • Webinar introducing the framework January 29, 2020
  • https://www.nist.gov/privacy-framework

Upcoming Meetings, Workshops and Conferences - Save the Date! (cont)
• Ongoing: Request Input for FCSM Topics and Speakers!!!!!!!
  • Theme for 2020 2-day conference
  • Volunteer for presentation, talk about your program, innovative solution showcase!
  • Send to sec-forum@nist.gov
• Next FCSM Quarterly Meeting
  • April 21, 2020 @ NIST Gaithersburg
  • July 23, 2020 @ NIST Gaithersburg
  • October 28-29, 2020 for 2-day conference @ NIST Gaithersburg
For more information: https://csrc.nist.gov/Projects/Forum