The National Institute of Standards and Technology (NIST) is holding the second of four planned workshops to develop a voluntary framework to reduce cybersecurity risks for critical infrastructure from May 29-31, 2013, at Carnegie Mellon University in Pittsburgh, Pa. The hands-on workshop is open to cybersecurity industry experts in all sectors—such as energy, finance, transportation and communications—as well as government and academic stakeholders.
In February 2013, the President issued the "Improving Critical Infrastructure Cybersecurity" Executive Order, which gave NIST the responsibility to develop the cybersecurity framework with industry input. NIST first issued a Request for Information (RFI) on this topic and received hundreds of comments* in April, 2013.
The first Cybersecurity Framework Workshop in early April brought together stakeholders to hear perspectives from industry leaders, reviews of the threat environment from Information Sharing and Analysis Centers in critical infrastructure fields, and to learn about government partnerships with the Department of Homeland Security and NIST. Streaming video of the workshop** is available online.
During the spring and summer workshops, attendees will be asked to roll up their sleeves to identify, refine and guide the many interrelated considerations, challenges and efforts needed to build the framework. Participants in the working sessions will analyze and discuss the framework's initial inputs, including the RFI responses and preliminary analysis conducted by NIST.
Participants in the May 29-31 event are requested to review the RFI comments and NIST analysis, which will be available on the workshop event page,*** before attending the meeting. Plenary sessions will be webcast; participants should check the event Web page in late May for information. Reports on breakout sessions will be available on the event page after the workshop.
The workshop is limited to 500 attendees due to space constraints, so early registration is suggested.
More information about the cybersecurity critical infrastructure framework project, the Executive Order, the NIST RFI and comments is available at online.