Framework Roadmap Overview - July 2018
The Framework Roadmap draft highlights key areas of development relevant to the Framework, including Confidence Mechanisms, Cyber Attack Lifecycle, Cybersecurity Workforce, Cyber Supply Chain Risk Management, Federal Agency Cybersecurity Alignment, Governance and Enterprise Risk Management, Identity Management, International Aspects, Measuring Cybersecurity, and more. NIST collaborates with stakeholders to address challenges and evolve the roadmap based on technological advancements and cybersecurity landscape changes.
Presentation Transcript
Introduction to the Framework Roadmap July 2018 cyberframework@nist.gov
The Framework Roadmap

Draft Roadmap v1.1 (Dec 5, 2017) areas:
  Confidence Mechanisms
  Cyber Attack Lifecycle
  Cybersecurity Workforce
  Cyber Supply Chain Risk Management
  Federal Agency Cybersecurity Alignment
  Governance and Enterprise Risk Management
  Identity Management
  International Aspects, Impacts, and Alignment
  Measuring Cybersecurity
  Privacy Engineering
  Referencing Techniques
  Small Business Awareness and Resources

The Roadmap:
  Highlights areas of development relevant to the Framework and of broader interest
  Describes anticipated future activities related to the Framework
  NIST collaborates with stakeholders to identify challenges, solicit input, and develop and execute action plans for addressing roadmap areas
  Continues to evolve based on advancements in technology and the evolving cybersecurity landscape

Roadmap Areas

Confidence Mechanisms: Can be used to enhance an organization's understanding of its implementation of a Framework profile.

Cyber Attack Lifecycle: Understanding the Tactics, Techniques and Procedures (TTP) an attacker may employ and the vulnerabilities an attacker may exploit is critical to effective cyber defense.

Cybersecurity Workforce: A skilled cybersecurity workforce is needed to meet the unique cybersecurity needs of critical infrastructure.

Cyber Supply Chain Risk Management: Organizations are dependent upon product and service supply chains. Supply chain risk should be included in organizational risk management programs.

Federal Agency Cybersecurity Alignment: NIST is updating SP 800-37 (RMF) to incorporate key Cybersecurity Framework, privacy risk management and systems security engineering concepts.

Governance and Enterprise Risk Management: Participants involved in developing the Framework stressed that leadership buy-in to the approach was crucial to improving the nation's cybersecurity.

Identity Management: Identity management needs to become more risk-aligned, adaptive, and contextual, with guidance capable of supporting flexibility, modularity, and agility.

International Aspects, Impacts, and Alignment: Diverse requirements can impede interoperability, result in duplication, harm cybersecurity, and hamper innovation, hindering the ability of organizations to operate globally while effectively managing risks.

Measuring Cybersecurity: More accurate and quantifiable projected cost and estimated risk reduction associated with cybersecurity investments requires an aligned, modular, and systemic approach to cybersecurity measurement.

Privacy Engineering: A key challenge has been determining how to design information technologies that protect individuals' privacy and civil liberties in an increasingly connected world.

Referencing Techniques: To handle evolving cybersecurity standards, sector-specific recommended practices, etc., the Informative References must adapt.

Small Business Awareness and Resources: It is important that small business leaders understand and have effective approaches to manage risks to their information, systems and networks.

Resources: Where to Learn More and Stay Current

Framework Roadmap and related efforts: https://www.nist.gov/cyberframework/related-efforts-roadmap
Framework for Improving Critical Infrastructure Cybersecurity and related news, information: www.nist.gov/cyberframework
Additional cybersecurity resources: http://csrc.nist.gov/
Questions, comments, ideas: cyberframework@nist.gov