Upcoming Events FY 2016:
FY16 meeting dates (topics TBD):
- January 28, 2016 LR-D
- April 21, 2016
- June 21, 2016 LR-D - topic TBD
- August 16-17, 2016 – Annual two-day “Offsite” to be held at NIST again
- Who Should Attend: US Federal government employees and their support contractors who participate in the management of their organization’s information system security program.
- Volunteer to present on what is (or is not) working at your agency and/or provide topics you would like to hear about.
- Registration closes August 9, 2016
- Location: NIST, Portrait Room, Gaithersburg, Maryland
- Registration from 8:00-9:00; first session 9:00; day ends 4:30-5:00.
- No cost to attend. Space is limited. If you register and cannot attend, please cancel.
- Food will not be provided. The NIST cafeteria is open to conference attendees.
- Note: the Montgomery County Agricultural Fair is Aug 12-20 and could impact where you stay.
- Directions and Hotels
Meeting announcements are made through the listserv. Topics and speakers, along with how to register, are sent a few weeks prior to the scheduled date.
The listserv is limited to federal employees; however, contractors supporting federal government employees are invited to attend Forum meetings.
The FCSM listserv limits attachments. Many expressed interest in a STIG mapping to NIST 800-53. Members shared that the newest STIGs map each vulnerability ID to a Control Correlation Identifier (CCI). The CCI can then be mapped to the SP 800-53 Rev 4 control using the list available here: http://iase.disa.mil/stigs/cci/Pages/index.aspx
Excel version of the STIG Mapping
- April 21, 2016, NIST
- January 28, 2016, NIST
- August 26-27, 2015, NIST
- Agenda with Presentation Links
- Program with Speaker Photos and Bios
August 26, 2015
- Welcome from FCSM Chairperson
Patricia Toth, NIST
- NIST Computer Security Division Update
Matthew Scholl, NIST, Computer Security Division Chief
- How to Best Protect Against Future Cyber Incidents
Trevor H. Rudolph, Office of Management and Budget (OMB), Chief, Cyber and National Security Unit (OMB Cyber)
- Implementing TIC E3A in Government and Using the XLA Threat Reduction and Correlation Tool (xTract™)
Sandra Paul-Blanc, National Archives & Records Administration (NARA), Chief IT Security Officer (CISO) and Philip Kulp, XLA, Senior Information Security Architect
- Government Accountability Office (GAO) Information Security Update
Gregory C. Wilshusen, GAO, Director, Information Security Issues
- NIST SP 800-163, Vetting the Security of Mobile Applications
Steve Quirolgico, NIST, Computer Security Division, Computer Scientist
- Using Risk Management to Improve Privacy in Information Systems
Ellen Nadeau, NIST, Cyber Policy Strategist
- Framework for Improving Critical Infrastructure Cybersecurity
Matthew Barrett, NIST, Program Manager, NIST Cybersecurity Framework
- Mobile Application Security and PIV Derived Credentials
Jane Maples, NASA, ESB & Web/Mobile App Development Manager and Peter Cauwels, NASA
August 27, 2015
- Rethinking Cybersecurity from the Inside Out: An Engineering and Life Cycle-Based Approach for Building Trustworthy Resilient Systems
Ron Ross, NIST Fellow, Computer Security Division, Joint Task Force Transformation Initiative
- How FAA Required 50,000+ People to Use PIV Cards in 2 Months
Myles Roberts, Federal Aviation Administration (FAA), Manager, FICAM Program
- Cloud Assessments
John Connor, NIST, Information Technology Security & Networking Division, CISSP
- The National Vulnerability Database (NVD)
Harold Booth, NIST, Computer Scientist
- DOT Security Program Management Subcommittee’s Information Assurance Policy Working Group (IAPWG)
Kevin Sanchez-Cherry, Department of Transportation Cybersecurity Policy, Architecture and Training Lead and Information Assurance Policy Working Group (IAPWG) Founder
- Speak Out
Daniel Wood, Treasury – Term & Topic: PKI Landscape
Pat Toth, NIST – Request for topics for FCSM FY16 meetings
- IT Policy Initiatives Panel
Adam Sedgewick, NIST, Senior Information Technology Policy Advisor; William Fisher and Tim McBride, National Cybersecurity Center of Excellence (NCCoE); Mike Garcia, National Strategy for Trusted Identities in Cyberspace (NSTIC)
- US Census Bureau Risk Management Program Implementation
Jaime Lynn Noble, US Census Bureau, CAP Assistant Division Chief for Policy & Compliance Office of Information Security
- Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) Program Overview
Martin Stanley, U.S. Department of Homeland Security (DHS), Office of Cybersecurity and Communications, Cybersecurity Assurance Branch Chief – Federal Network Resilience
- April 30, 2015, NIST
- February 12, 2015, NIST