Jump to content

Search the Community

Showing results for tags 'NIST'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Categories

  • Founder
  • Platinum
  • Gold
  • Silver
  • Partners

Forums

  • Framework 101
    • Webseries
    • Tiers
    • Profiles
    • Framework Core
  • General
    • Implementation Guidance
    • Solutions
    • Framework in the News
    • Supply Chain Risk Management
    • Success Stories
    • General Discussion
  • Version 2.0
    • Governance
    • Technical Qualifications
    • Updates and Improvements
  • Workshop
    • Feedback
  • Members
    • Member's Lounge
  • BSI RFI Responses

Blogs

  • Team CForum
  • Mike Brown's Blog
  • Tom.Conkle's Blog
  • Tony Sager's Blog
  • RonGula's Blog
  • Whitsitt on the NIST Framework
  • Frank Downs' Blog
  • Thoughts from Greg
  • matthew.smith's Blog

Categories

  • General
  • BSI RFI Responses
  • Guides
  • Templates
  • Example Profiles
  • Other Resources

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


ICQ


Yahoo


Jabber


Skype


Location


Interests


First


Last


Middle


Company Name


Sector


Affiliations


Country

Found 4 results

  1. Tom.Conkle

    Cybersecurity Framework Workshop 2016

    NIST is hosting the next Cybersecurity Framework at their main campus in Gaithersburg, MD. The conference is scheduled for April 6 - 7, 2016. The registration page is open. The workshop draft agenda includes a readout on the responses to the December 2015 RFI and working sessions on Roadmap items, Governance of the Framework, Framework Update, and several special topics. Topics are expected to include: ways in which the Framework is being used to improve cybersecurity risk management, how best practices for using the Framework are being shared, the relative value of different parts of the Framework, the possible need for an update of the Framework, and options for long-term governance of the Framework. There is an optional seminar on April 5 that will provide an overview of the Framework's development, basic components, uses cases, and resources. The optional seminar will provide a 101 type session to help attendees understand how the Framework was developed and is being used today. I hope to see you there.
  2. Tom.Conkle

    Cybersecurity Framework Workshop 2016

    NIST is hosting the next Cybersecurity Framework at their main campus in Gaithersburg, MD. The conference is scheduled for April 6 - 7, 2016. The registration page is open. The workshop draft agenda includes a readout on the responses to the December 2015 RFI and working sessions on Roadmap items, Governance of the Framework, Framework Update, and several special topics. Topics are expected to include: ways in which the Framework is being used to improve cybersecurity risk management, how best practices for using the Framework are being shared, the relative value of different parts of the Framework, the possible need for an update of the Framework, and options for long-term governance of the Framework. There is an optional seminar on April 5 that will provide an overview of the Framework's development, basic components, uses cases, and resources. The optional seminar will provide a 101 type session to help attendees understand how the Framework was developed and is being used today. I hope to see you there.
  3. I came across these two articles today whilst performing a little research on the Framework. It is hard to believe that it has been a year since the Framework was released to industry. Some major steps have been made but there is more to do. The first article published by The White House 02-03-2015 lists the below as commitments to the Framework. Intel is releasing a paper on its use of the Framework and requiring all of its vendors to use the Framework by contract. Apple is incorporating the Framework as part of the broader security protocols across its corporate networks. Bank of America will announce that it is using the Framework and will also require it of its vendors. U.S. Bank and Pacific Gas & Electric are announcing that they are committed to using the Framework. AIG is starting to incorporate the NIST framework into how it underwrites cyber insurance for large, medium-sized, and small businesses and will use the framework to help customers identify gaps in their approach to cybersecurity. QVC is announcing that it is using the Cybersecurity Framework in its risk management. Walgreens is announcing its support for the Cybersecurity Framework and that it uses it as one of its tools for identifying and measuring risk. Kaiser Permanente is committing to use the Framework. Source: http://www.whitehouse.gov/the-press-office/2015/02/13/fact-sheet-white-house-summit-cybersecurity-and-consumer-protection ACFEA's Signal Magazine also wrote a nice piece in support of the Framework. http://www.afcea.org/content/?q=happy-birthday-nists-cybersecurity-framework To all that have been involve since the beginning and since. This is good work and thank you!! Happy Birthday Cybersecurity Framework.
  4. This morning I was pursuing my LinkedIn connections, as I do every morning, actually several times a day. One of my connections posted an article that was recently published by the AFCEA Signal Online edition. http://www.afcea.org/content/?q=node/13619 The article speaks to DHS, SAFETY Act and the potential for litigation. Below is a brief excerpt: "The framework signals the risk of cyber attacks, but it also opens the argument for claiming organizations did not take reasonable care of duty to protect their assets. Dismas Locaria, partner, Venable LLP, explains, “Negligence lawsuits stem out of a reasonable duty to protect against harm.” The SAFETY Act’s existence encouraged companies to bring to market the counterterrorism technologies the government and others need amid fear after 9/11 that, in another attack, they could be liable for tens of millions of dollars if their capabilities had problems. Fast-forward a few years and cybersecurity has become a significant concern for the government, especially as enemies a world away can reach into networks to wreak havoc. Entities need to firm defenses, and one method is through regulation." What is the feeling in the community about adoption of the Framework and what is your personal opinion?
×