ONG-ISAC & NIST Briefing

Abstract:

The National Institute of Standards and Technology (NIST) has updated the widely used Cybersecurity Framework (CSF), its landmark guidance document for reducing cybersecurity risk. CSF Version 2.0 now explicitly aims to help all organizations — not just those in critical infrastructure, its original target audience — to manage and reduce risks. NIST has updated the CSF’s core guidance and created a suite of resources to help all organizations achieve their cybersecurity goals, with added emphasis on governance as well as supply chain risk management. This update is the outcome of a multiyear process of discussions and public comments aimed at making the framework more effective. This discussion focused on the update process for CSF 2.0, the changes proposed by stakeholders, and new resources for implementation.

After the presentation, there was a roundtable discussion where members discussed their use of the NIST Cybersecurity Framework.

Speaker:

Amy Mahn – International Policy Specialist; National Institute of Standards and Technology

Speaker bio:
Ms. Amy Mahn is an international policy specialist in the Applied Cybersecurity Division at the National Institute of Standards and Technology (NIST), an agency within the U.S. Department of Commerce.  Amy’s primary focus is leading and providing support to the international aspects and alignment of the Cybersecurity Framework and other NIST cybersecurity and privacy resources. This work
includes direct engagement with international governments and industry, as well as international standards development efforts.
Amy previously worked for eleven years at the Department of Homeland Security in various roles, including international policy coordination in cybersecurity and critical infrastructure protection. Amy holds a Bachelor of Arts from Muhlenberg College and a Master of Arts in Political Science from American University.