The Cybersecurity and Infrastructure Security Agency (CISA) is proud to present the Defend Against Ransomware Attacks Cyber Range Training event on June 22, 2023, from 9 a.m. to 1 p.m. EDT. The 200-level training events are open to government employees and contractors across Federal, State, Local, Tribal, and Territorial government, educational partners, and critical infrastructure partners. Please use your organization email address when registering.
Workshop on OMB M-22-18 Minimum Requirements
On June 1, NIST and OMB will host a workshop to discuss next steps for implementation of M-22-18, Enhancing the Security the Software Supply Chain through Secure Software Development Practices, the intended impact on the security of the Federal enterprise, CISA’s self-attestation common form, and the initial minimum requirements contained therein.
June 1, 2023
11:00am – 1:00pm EDT
Virtual Only
4th Multi-cloud Conference and Workshop
May 24 – 25, 2023
Herbert C. Hoover Federal Building
1401 Constitution Avenue NW
Washington, DC 20230
Registration closes on May 18, 2023.
A live stream will be available on the event page for May 25th only, as a view-only option (in real time but without an opportunity to provide comments or ask questions).
This year’s Multi-Cloud Conference hosted by NIST, DOC, and Tetrate will focus on delivering Zero Trust Architecture (ZTA) through application-tier and network-tier policies in a high-assurance service mesh operating environment.
CISO Handbook: Defense Information Systems Agency
May 4, 2023
2:00 PM
Webinar
During this exclusive CISO Handbook webinar, moderator Justin Doubleday and guests Brian Hermann from the Defense Information Systems Agency and Christopher Day from Tenable will explore zero trust progress and strategy at DISA.
Take a Programmatic Approach to Your Zero Trust Journey
Virtual Event
Apr 20, 2023
Time: 10:00 AM – 12:30 PM ET
Location: Web Conference
Zero trust journeys typically start down one of two paths: (1) With a formal strategy to build a holistic program; or (2) tackling point projects employing zero trust principles of least privilege and least trust. This session walks through the policy and planning steps for both paths to move your zero trust transformation forward.
Assess Your Supply Chain in Line with NIST C-SCRM
Virtual Event
Mar 1, 2023
Time: 10:00 AM – 12:30 PM ET
Location: Web Conference
Assess Your Supply Chain in Line with NIST C-SCRM
The NIST Cybersecurity-Supply Chain Risk Management guidelines released in May 2022 establish 12 coverage areas (many of which are outside traditional information security boundaries) and put a spotlight on the importance of robust, accurate evaluations as part of any supply chain security strategy.
Mature Your Zero Trust Program: Use Cases for 2023
Virtual Event -Feb 22 2023
Time -10:00 AM – 12:30 PM CT
Location-Web Conference
Applying zero trust architectures in an iterative way – one project at a time – has proven a sustainable method to deepen zero trust capabilities across a program. This symposium covers popular zero trust use cases for 2023 to accelerate your organization’s zero trust maturation.
2023 VIRTUAL SYMPOSIUM
Assess Your Supply Chain in Line with NIST C-SCRM
Mar 1, 2023 Time: 10:00 AM – 12:30 PM ET
Location: Web Conference
The NIST Cybersecurity-Supply Chain Risk Management guidelines released in May 2022 establish 12 coverage areas (many of which are outside traditional information security boundaries) and put a spotlight on the importance of robust, accurate evaluations as part of any supply chain security strategy.
SOFTWARE & SUPPLY CHAIN ASSURANCE MEETINGS
JANUARY 24 & 25, 2023
MITRE McLean Building 1
7525 Colshire Drive
Mclean, VA 22102
The Software and Supply Chain Assurance Forum (SSCA) provides a venue for government, industry, and academic participants from around the world to share their knowledge and expertise regarding software and supply chain risks, effective practices and mitigation strategies, tools and technologies, and any gaps related to the people, processes, or technologies involved. Co-led by the National Institute of Standards and Technology (NIST), the Department of Homeland Security (DHS), the Department of Defense (DoD), and the General Services Administration (GSA).
DORA and Strategies for Managing Risk in the Extended Supply Chain
On-Demand
Supply chain risk management (SCRM) is a vital enabler of digital operational resilience in financial institutions. With upcoming regulatory compliance requirements under the European Union’s Digital Operational Resilience Act (DORA), they will be required to transform the way they manage risk in their extended supply chains.