April ISA New Orleans Section Meeting
Topic: “Framework for Improving Critical Infrastructure Cybersecurity” – An Overview
If you were unable to attend our April section meeting, our guest presenter, Dean Bickerton, The Reynolds Company, provided the slides that were presented.
This introduction to the NIST Framework serves as our own framework for our April training seminar. The section’s spring training seminar will be on ICS Cybersecurity, and will delve deeper in the NIST Framework’s recommendations. Be sure to join us on April 27, 2016, for our full-day training event.
About our April section meeting topic:
Recognizing the national and economic security of the United States depends on our critical infrastructure operating reliably, the President issued Executive Order (EO) 13636, Improving Critical Infrastructure Cybersecurity, on February 12, 2013. The Order directed the National Institute of Standards and Technology (NIST) to work with stakeholders to develop a voluntary framework – based on existing standards, guidelines, and practices – for reducing cyber risks to critical infrastructure. One year after the issue of EO 13636, NIST released their “Framework for Improving Critical Infrastructure Cybersecurity” Version 1.0 on February 12, 2014.
This presentation will give an introduction to the “Framework” and will breakdown the core functions to Identify, Protect, Detect, Respond, and Recover. We will explore the Categories and Subcategories for each Function and match them to example Informative References such as existing standards, guidelines, and practices including our own, ISA99. We will then look at available tools and resources from both NIST and ISA to assist in adopting, implementing, and improving a cybersecurity risk management program. We will close with an overview of a Roadmap for the Framework moving forward.