
FEDERAL COMPUTER SECURITY MANAGERS FORUM MEETING FEBRUARY 6, 2020 - PowerPoint PPT Presentation



  1. FEDERAL COMPUTER SECURITY MANAGERS FORUM MEETING FEBRUARY 6, 2020 NIST WEST SQUARE NIST GAITHERSBURG

  2. NIST Building 101 Ground Floor Map FCSM Quarterly Meeting Overview| 2


  4. NIST-Guest Wireless Network
     • NIST-Guest is broadcasted; Use this network to connect your device.
       1. Connect wirelessly to SSID: NIST-Guest
       2. Open your browser, as needed.
       3. If using iOS (iPhones and iPads), access a web page that does not use https:// to get to the Access and Use Policy.
       4. If using Android devices, a web page will automatically open with the Access and Use Policy.
     • Review the complete Access and Use Policy by scrolling to the bottom of the Window. Acknowledge that you agree to the terms identified by selecting ACCEPT.
     • Device access will be blocked if (1) it is a NIST-owned device; (2) malware or other malicious activity is detected; or (3) inappropriate online behavior is detected.
     For more information, see: https://www.nist.gov/oism/access-and-use-nist-guest-network

  5. FCSM Quarterly Meeting Agenda
     Time | Agenda Item | Presenter
     9:00 a.m. | Welcome and Announcements | Jody Jacobs, FCSM Chairperson (NIST)
     9:20 a.m. | Information Security Continuous Monitoring (ISCM) Program Assessment | Chad Baer, Section Chief, Architecture and Standards, Cybersecurity and Infrastructure Security Agency (CISA); Victoria Pillitteri, Computer Scientist, NIST
     10:20 a.m. | Break |
     10:40 a.m. | Making the Right Connections: An Overview of Trusted Internet Connection (TIC) 3.0 | Sean Connelly, TIC Program Manager and Senior Cybersecurity Architect, Cybersecurity and Infrastructure Security Agency (CISA)
     11:30 a.m. | ADJOURN FORUM MEETING |

  6. NIST Update Agenda
     • NIST FISMA Publication Schedule
     • NIST Special Publication (SP) 800-137A
     • Security Control Overlay Repository (SCOR)
     • Advancing Cybersecurity Risk Management Conference (ACRM)
     • Save the Date: Upcoming Meetings, Workshops, and Conferences

  7. NIST FISMA Publication Schedule
     • At this time, NIST is not updating our publication dates due to a review cycle being incorporated by the Office of Management and Budget, Office of Information and Regulatory Affairs. We will announce these documents as they are cleared for publication.
     • The references that are affected by this include the following publications:
       • NIST Special Publication 800-18, Revision 2, Guide for Developing System Security Plans
       • NIST Special Publication 800-53, Revision 5 (Final Public Draft), Security and Privacy Controls for Information Systems and Organizations. Currently in review at the Office of Management and Budget Office of Information and Regulatory Affairs.
       • NIST Special Publication 800-53A, Revision 5, Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans. On Hold until review cycle completion of SP 800-53 by Office of Management and Budget, Office of Information and Regulatory Affairs due to dependencies on SP 800-53.

  8. NIST FISMA Publication Schedule (cont)
     • NIST Special Publication 800-53B, Control Baselines and Tailoring Guidance for Federal Information Systems and Organizations. On Hold until review cycle completion of SP 800-53 by Office of Management and Budget, Office of Information and Regulatory Affairs due to dependencies on SP 800-53.
     • Federal Information Processing Standard (FIPS) 199, Revision 1, Standards for Security Categorization of Federal Information and Information Systems. On Hold until review cycle completion of SP 800-53 by Office of Management and Budget, Office of Information and Regulatory Affairs due to dependencies on SP 800-53.
     • Federal Information Processing Standard (FIPS) 200 Revision 1, Minimum Security Requirements for Federal Information and Information Systems. On Hold until review cycle completion of SP 800-53 by Office of Management and Budget, Office of Information and Regulatory Affairs due to dependencies on SP 800-53.
     • NIST Special Publication 800-161, Revision 1, Supply Chain Risk Management Practices for Federal Information Systems and Organizations. On Hold until review cycle completion of SP 800-53 by Office of Management and Budget, Office of Information and Regulatory Affairs due to dependencies on SP 800-53.
     • NIST Special Publication 800-171, Revision 2, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. On Hold until review cycle completion of SP 800-53 by Office of Management and Budget, Office of Information and Regulatory Affairs due to dependencies on SP 800-53.
     • NIST Special Publication 800-171B, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations: Enhanced Security Requirements for Critical Programs and High Value Assets. On Hold until review cycle completion of SP 800-53 by Office of Management and Budget, Office of Information and Regulatory Affairs due to dependencies on SP 800-53.
     https://csrc.nist.gov/Projects/Risk-Management/Schedule

  9. NIST SP 800-137A, Assessing Information Security Continuous Monitoring (ISCM) Programs: Developing an ISCM Program Assessment
     • Approach for the development of ISCM program assessments that can be used to evaluate ISCM programs that were developed in accordance with NIST SP 800-137
     • Released for public comment on 1/13/2020
     • Comments due 2/28/2020

  10. NIST Security Control Overlay Repository (SCOR)
     • Active NOW!
     • NIST SCOR provides stakeholders a platform for voluntarily sharing security control overlays
     • Level of detail in overlay at discretion of the organization
     • The overlay repository is organized into categories of overlays based on the submitting organization: government-wide; public (submitted by a .com, .edu, or .org); and NIST-developed.
       • Government-wide category consists of submissions from federal, state, tribal, and local governments.
       • Public category consists of submissions from commercial, educational, or non-profit organizations.
       • NIST-developed category consists of submissions developed by NIST.
     https://csrc.nist.gov/Projects/Risk-Management/scor

  11. NIST Security Control Overlay Repository (SCOR) Submission Process
     • Organizations sanitize overlay for public review and ensure consistency with 800-53 security controls
     • Organizations complete and submit the following documents to overlays@list.nist.gov:
       • Overlay submission form
       • SCOR participation agreement (for Public organizations) or SCOR participation agreement (for Federal organizations) with management approval (digital signatures are accepted)
       • Organization Overlay in either Excel, Word or PDF format
     • NIST reviews overlay for consistency with NIST standards and guidelines
     • Overlay is posted on SCOR Website
     • Organizations are notified of posting and are responsible for letting NIST know of any updates
     • If overlay is not updated within one year of a new SP 800-53 version being published, it will be removed and/or archived.
     All submissions/Questions: overlays@list.nist.gov

  12. Advancing Cybersecurity Risk Management Conference (ACRM)
     • Share and explore cybersecurity risk management best practices and recent research.
     • Open to federal and non-federal professionals
     • Enable NIST to receive and discuss stakeholder input on key cybersecurity and privacy risk management topics.
     • Similar to Baltimore NIST Cybersecurity Risk Management Conference in November 2018
     • Registration now open!!!!
     • To attend the NIST Cybersecurity Risk Management Conference, the price is $194.00. The Webcast Only Registration price is $80.00.
     • Registration closes 5/20/2020
     For more Information: https://go.usa.gov/xdqnx

  13. Upcoming Meetings, Workshops and Conferences - Save the Date!
     • Privacy Engineering Program Events at https://www.nist.gov/itl/applied-cybersecurity/privacy-engineering/about
     • Privacy Engineering Framework v. 1.0
       • Released January 16, 2020
       • Webinar introducing the framework January 29, 2020
       • https://www.nist.gov/privacy-framework

  14. Upcoming Meetings, Workshops and Conferences - Save the Date! (cont)
     • Ongoing: Request Input for FCSM Topics and Speakers!!!!!!!
       • Theme for 2020 2-day conference
       • Volunteer for presentation, talk about your program, innovative solution showcase!
       • Send to sec-forum@nist.gov
     • Next FCSM Quarterly Meeting
       • April 21, 2020 @ NIST Gaithersburg
       • July 23, 2020 @ NIST Gaithersburg
       • October 28-29, 2020 for 2-day conference @ NIST Gaithersburg
     For more information: https://csrc.nist.gov/Projects/Forum
