U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST Cybersecurity RFI Feedback Session for Forum Members - March 24, 2022

Description of event

NIST recently issued a Request for Information (RFI) asking for information that would improve the effectiveness of the Cybersecurity Framework (CSF) for a potential update.  As a part of this initiative, NIST wants to better understand how the CSF is being used today and to learn what’s working and what’s not.  NIST also wants to explore better ways to align the CSF with other NIST guidance, such as the Privacy Framework, Secure Software Development Framework, Risk Management Framework, NICE Workforce Framework, and its series on IoT cybersecurity.  NIST wants to know what would help use these tools together more effectively.  NIST also recently launched a public-private partnership, called the National Initiative for Improving Cybersecurity in Supply Chains (NIICS), to address supply chain cybersecurity risks.  NIST is requesting information that will help identify supply-chain-related cybersecurity needs and harmonize the NIICS initiative with the CSF. 

As NIST is considering these changes, it would like to hear from the Forum participants, including on the following questions:

  • What areas could be improved in the CSF?
  • Could structural changes to the CSF help?
  • What challenges have prevented organizations from using the CSF more effectively?
  • What are the gaps in existing cybersecurity supply chain risk management guidance and resources, including how they apply to open source software, operational technology, IoT, and industrial IoT?
  • How can NIST build on its current work on supply chain security, including software security work stemming from Executive Order 14028, Improving the Nation's Cybersecurity, to increase trust and assurance in technology products and services?

We welcome speaker submissions on related topics, particularly on how Departments and Agencies are currently using the CSF.  Please submit speaker submissions to sec-forum@nist.gov by March 14, 2022.

 

 

Event Details

Starts: March 24, 2022 - 01:00 PM EDT
Ends: March 24, 2022 - 02:30 PM EDT

Format: Virtual Type: Forum

Agenda

Attendance Type: Open to members,Government only,Government and their contractors only
Audience Type: Government,Academia


Location

Virtual

Created March 02, 2022, Updated April 07, 2022