Registration for the 2018 NIST Cybersecurity Risk Management Conference -- to be held November 7-9, 2018, at the Renaissance Baltimore Harborplace Hotel, in Baltimore, Maryland -- is now open and speaker nominations are being accepted. Sponsored by the National Institute of Standards and Technology (NIST), the three-day conference is expected to attract leaders from industry, academia, and government at all levels, including international attendees.
Building on previous well-attended NIST Framework for Improving Critical Infrastructure Cybersecurity workshops, the expanded conference aims to:
- Explore, document, and share best practices and experiences using the Cybersecurity Framework and related risk management approaches.
- Determine early uses and utility of the updated (Version 1.1) Cybersecurity Framework.
- Review and receive stakeholder input on key risk management topics included in the Cybersecurity Framework Roadmap.
The conference will be organized around three main tracks in multiple plenary and breakout sessions. Tracks will focus on executive cybersecurity risk governance and administration, cybersecurity risk management, and cybersecurity operations.
The Cybersecurity Framework, initially published in 2014 and updated in April 2018, will be used as the primary lens through which to view cyber risk management-related topics covered by the sessions tracks. NIST welcomes submissions in all topics related to cybersecurity risk management, and is particularly interested in the following topics:
- Governance and Enterprise Risk Management,
- Supporting Organizational/Business Objectives through Cybersecurity Measurement,
- Workforce Evolution and Role and Responsibility Formulation,
- Use of Framework in Regulatory Settings,
- Supply Chain Risk Management,
- Use of Framework in Contractual Relationships or Legal Applications,
- Cybersecurity Insurance,
- Framework Profiles, Resources, Case Studies, and Success Stories,
- Cybersecurity in Small and Medium-Sized Organizations,
- U.S. Federal Use,
- International Alignment and Use,
- Confidence Mechanisms including, but not limited to, Assessment and Certifications,
- Use of Framework in Cyber-Physical Systems, Industrial Control Systems, and Internet of Things,
- How Framework Supports Privacy Objectives,
- Personnel Requisition, Candidate Evaluation, KSA Creation and Communication,
- Identity Management,
- Referencing Techniques including, but not limited to, Informative References, Crosswalks, and Mappings, and
- Cyber-Attack Lifecycle including, but not limited to, Automated Indicator Sharing, Coordinated Vulnerability Disclosure, and Use of Big Data.
Speakers are expected to support conference track topics by informing and stimulating discussions among participants. These presentations should advance cybersecurity risk management and the goals of the conference and should not serve a promotional purpose.
Nominations should include: track, session, speaker, and brief biographical information; proposed session/presentation title and a brief (100-150 words) description of the presentation; and speaker contact information. The deadline for nominations is July 31, 2018. NIST will make decisions and notify nominators by August 31, 2018.
Nominations, including supporting information cited above, should be submitted to: firstname.lastname@example.org