Under Executive Order 13636, NIST was given responsibility to develop a cybersecurity framework to reduce cybersecurity risks for critical infrastructure. This meeting brought together stakeholders to solicit their comments in person. NIST is interested in collecting information about current risk management practices; use of frameworks, standards, guidelines and best practices; and specific industry practices.
The second workshop on the Cybersecurity Framework was an opportunity for attendees to identify, refine, and guide the many interrelated considerations, challenges, and efforts needed to develop the Framework. The majority of the workshop included working sessions where participants analyzed and discussed the initial inputs to the Framework (including responses to the RFI) and the related preliminary analysis conducted by NIST. In order to make this a useful exercise, we asked that all participants review the RFI submissions. We also requested that participants study the NIST preliminary analysis which is available here.
Please note that due to space limitations, registration for this workshop was limited to 500 people. Plenary sessions were webcast and reports on the breakouts will be available after the workshop. The workshop's webcast of plenary sessions are archived on this page : http://go.usa.gov/bgFF
The workshop was hosted by Carnegie Mellon University. The plenary sessions were held at McConomy Auditorium, 5000 Forbes Avenue.