This is OVER but you can see the recording HERE:


Interested in hearing a more lengthy – and more frank – NIST Framework discussion that also includes both historical context and REAL security discussion? Join me as my employer and I host a webinar March 5, 2014 at 1pm ET.

Registration is HERE.

The official description follows this blurb, but you should also know that in addition to the usual Energysec community, I’m also going to try and aim this webinar at groups like IATC (I Am The Cavalry) and NovaHackers.  As such, not only will I run down my written framework assessments in more detail,  but I’m also going to try and help these other communities understand the levers the framework uses, the state of dialogue that led to it, and how to get engaged in the ongoing process.  Please come prepared to hear more than you will elsewhere. Some pre-reading, if you are so inclined, can be found in my comments on the preliminary draft HERE.

Interpretations and Forecasts: Looking Beyond Rumors, Myths and Misunderstandings About the New NIST Cybersecurity Framework

 On February 12, 2014 the White House released the first version of the NIST Cybersecurity Framework. NIST was directed to create this framework in response to Executive Order 13636, Improving Critical Infrastructure Cybersecurity. Since the preliminary framework was released last October, many rumors have been going around about what the framework is or is not. Additionally, a number of organizations have been making what we believe will likely turn out to be inaccurate representations about how the framework should be used and what expectations will be surrounding it.
In this webinar, we will explore a number of the more common scenarios we’ve heard recently and attempt to provide educated but unaffiliated realism around the document, its uses, its gaps, and what’s going to happen moving forward.
While this will be an editorial webinar, and we cannot claim to represent an official stance on anyone’s behalf, we believe our experience in this area and lack of vested interest will provide attendees with the tools – lenses, if you will – with which to better interpret what you hear from other third parties.