Managing Cyber Security Risk
Applying the New NIST Risk Management Framework
Dr. Ron Ross, Sr. Computer Scientist, NIST
On-Demand Webcast
Event Description
Hear from Dr. Ron Ross, Sr. Computer Scientist/Information Security Researcher, National Institute of Standards and Technology (NIST) and gain fresh insights into how your organization can benefit from the advances made by NIST in information risk management.
Motivated by a very serious threat to our national security, a task force of the best cybersecurity professionals in the federal government has been working to create a new security framework to more effectively protect today’s “highly dynamic environments of complex and sophisticated cyber threats, ever increasing system vulnerabilities, and rapidly changing missions.” The resulting framework, which is being released in publications such as NIST SP 800-53 and SP 800-37, represents a significant advance in risk-based security practices. In addition to being required under various federal regimens such as FISMA and DIACAP, these publications also represent a set of best practices that other commercial and government organizations would be well served to understand.
The new requirements are based on a 6-step Risk Management Framework for designing, assessing and monitoring system security. The framework is designed both to integrate security into the system design process and to enable near-real-time risk management through ongoing continuous monitoring.
This seminar will review the objectives and requirements of the new Risk Management Framework, describe how they apply to network-level security and discuss solutions for satisfying the requirements.
Tom Arthur, President and CEO of RedSeal Systems
Learning Objectives
- Understand the objectives of the Risk Management Framework (RMF)
- Understand the requirements of implementing the RMF
- Understand how to apply the RMF to network security
Who Should View?
- Private and Public Sector Organizations
- CISOs and CTOs
- Network, Security, Compliance and Risk Management Managers and staff
- Executives, Managers, and Staff Responsible for FISMA Compliance
Agenda:
- Interview with Dr. Ron Ross
  - The cyber threat - unclassified
  - Why the new risk management framework?
  - Key objectives
  - Continuous monitoring & real-time risk management
- Interview with Tom Arthur
  - Tasks involved in monitoring network security
  - Assessing risk associated with network security
  - Prioritizing remediation
- Live Q&A with Dr. Ron Ross
For more information or questions about this event, please contact us.