The FISMA Focus IPD

Alternative website link (Youtube) https://www.youtube.com/watch?v=lhfW5UTsras (link is external)The National Institute of Standards and Technology (NIST) Cybersecurity for IoT Program supports the development and application of standards, guidelines, and related tools to improve the cybersecurity of connected devices and the environments in which they are deployed. By collaborating with stakeholders across government, industry, international bodies, and academia, the program aims to cultivate trust and promote U.S. leadership in IoT.

Given stakeholder concerns and ongoing security incidents, there has been interest in NIST providing guidance for federal agencies on how to secure their IoT within their Federal Information Security Modernization Act (FISMA) responsibilities. While agencies are aware that IoT introduces security and privacy risks, there is confusion regarding how to address and mitigate these risks.

Having observed the broadened threat landscape and processed stakeholder feedback, the NIST Cybersecurity for IoT Program is interested in the prospect of providing guidance for federal agencies on common high-level security and privacy risks. The Program is hosting this colloquium to hear from the community about these concerns, better understand the threat landscape, gauge stakeholder interest in such guidance, and determine next steps.

PRE-READ ESSAY

Speakers include:

• Andrea Arias, Bureau of Consumer Protection, FTC 
• Carlos J. Bosch, Head of Technology, GSMA North America
• Matthew Eggers, Executive Director, Cybersecurity Policy, U.S. Chamber of Commerce
• Jeremy Grant, Managing Director of Technology Business Strategy, Venable
• Arabella Hallawell, Senior Director, Advanced Threat, Arbor Networks
• Joe Jarzombek, Global Manager, Software Supply Chain Management, Synopsys Software Integrity Group
• Gilad Rosner, Founder, Internet of Things Privacy Forum
• Yasser Shoukry, Assistant Professor, University of Maryland
• Andrew Sullivan, Fellow, Oracle Dyn