Agenda Computer System Security and Privacy Advisory (CSSPAB) Meeting National Institute of Standards and Technology (NIST) Administration Building Lecture Room D Gaithersburg, MD NOTE: Speakers/Times are subject to change without notice Tuesday, September 12, 2000 9:00 a.m. Welcome Ed Roback, NIST 9:10 a.m. Opening Remarks Franklin Reeder, Chairman, CSSPAB 9:30 a.m. Security Metrics Workshop – Next Steps Fran Nielsen, NIST 10:15 a.m. BREAK 10:30 a.m. Project MATRIX Glenn Price Critical Infrastructure Protection Office 11:30 a.m. LUNCH 12:45 p.m. Board Discussion of Focus Paper on Security Metrics Karen Worstell, Discussion Leader 2:15 p.m. BREAK 2:45 p.m. Board Discussion on Maturity Framework Document of the CIO Security, Privacy and Critical Infrastructure Committee John Sabo, Discussion Leader Steve Lipner, Discussion Leader Marianne Swanson, Discussion Leader 3:45 p.m. Board Discussion on Issues and Future Direction of CSSPAB Daniel Knauf, Discussion Leader 5:00 p.m. ADJOURN Wednesday, September 13, 2000 9:00 a.m. Discussion of Board Agenda/Work Plan Franklin Reeder, Discussion Leader 10:00 a.m. OMB Update Glenn Schlarman OIRA, OMB 10:40 a.m. BREAK 11:00 a.m. Overview of Activities of BITS Technology Group for the Financial Services Roundtable Catherine Allen Chief Executive Officer, BITS 12:00 p.m. LUNCH 1:30 p.m. Emerging Trends in International Privacy Law Jeffery Ritter, Esq. Kirkpatrick & Lockhart LLP 2:30 p.m. BREAK 2:50 p.m. Infosec Research Council R&D Agenda – An Update Carl Piechowski, Chairman, Infosec Research Council Department of Energy 4:00 p.m. Public Participation [5 minutes maxmium per person; please sign up with the Board Secretary] 5:00 p.m. ADJOURN Thursday, September 14, 2000 9:00 a.m. Board Discussion on Privacy Awareness Issues Rick Weingarten, Discussion Leader 10:00 a.m. Summary of Board Discussions and Follow-on Actions 11:15 a.m. BREAK 11:35 a.m. Follow-on Actions Continued 12:30 a.m. Development of Agenda Topics for December 2000 Meeting 1:00 p.m. RECESS