Advertisement
Loading Events

« All Events

  • This event has passed.

NIST Risk Management Framework Webcast: A Flexible Methodology to Manage Information Security and Privacy Risk

February 28, 2019 @ 1:00 pm - 3:00 pm EST

The National Institute of Standards and Technology (NIST) will host a Risk Management Framework Webcast: A Flexible Methodology to Manage Information Security and Privacy Risk on 28 Feb 2019.

This webcast will provide a 2-hour overview and deep dive of the recently released NIST Special Publication (SP) 800-37, Revision 2 , Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy. This update to NIST SP 800-37 develops the next-generation Risk Management Framework (RMF) for systems, organizations, and individuals by:

Registration is not required to view the webcast, but registered viewers will receive a reminder and updates prior to the webcast.

Providing a closer link and communication between the risk management processes and activities at the C-suite and the individuals, processes, and activities at the system and operational level of the organization through the addition of the Prepare Step;

Institutionalizing foundational risk management preparatory activities at all risk management levels;

Demonstrating how the  NIST Cybersecurity Framework  can be aligned with the RMF and implemented using established NIST risk management processes;

Integrating privacy risk management processes into the RMF to better support the privacy protection needs for which privacy programs are responsible;

Promoting the development of trustworthy secure software and systems by aligning life cycle-based systems engineering processes in  NIST SP 800-160 Volume 1 ;

Integrating security-related, supply chain risk management (SCRM) concepts into the RMF to address untrustworthy suppliers, insertion of counterfeits, tampering, unauthorized production, theft, insertion of malicious code, and poor manufacturing and development practices throughout the SDLC; and

Allowing for an organization-generated control selection approach to complement the traditional baseline control selection approach and support the use of the consolidated security and privacy control catalog in  NIST SP 800-53 Revision 5 .

This webcast will feature an introduction by Dr. Ron Ross, NIST Fellow, an overview of the updates in SP 800-37, Revision 2, followed by a deep dive into the Steps and Tasks of the RMF by Kelley Dempsey, Vicky Pillitteri and Naomi Lefkovitz.

At the conclusion of the event, speakers will address questions sent to  sec-cert@nist.gov  or Twitter using the hashtag #NISTRMF.

The webcast will be recorded and available on this website within 2 weeks following the event; slides will be available on this website prior to the webcast.

Attendees are always welcome to self-report to their authoritative certification bodies to request CEUs for attending this event.

Details

Date:
February 28, 2019
Time:
1:00 pm - 3:00 pm EST
Event Categories:
,
Website:
http://bit.ly/nist-riskmanagement

Venue

Webinar

Organizer

National Institute of Standards and Technology (NIST)
Phone
301-975-2000
View Organizer Website