Share this:

Cyber Resilience Summit – Knowledge Repository

Revision for “Cyber Resilience Summit – Knowledge Repository” created on April 24, 2018 @ 13:08:37

Title
Cyber Resilience Summit - Knowledge Repository
Content
This Knowledge Repository wiki was created for the <a href="http://it-cisq.org/cyber-resilience-summit/">Cyber Resilience Summit</a> series. Here you will find meeting notes, presentations, policy updates, press coverage and more. &nbsp; The Cyber Resilience Summit Knowledge Repository is managed by <a href="http://it-cisq.org/"><img class="alignnone wp-image-4675" src="http://it-cisq.org/wp-content/uploads/2015/09/CISQ-LOGO-EMAIL.jpg" alt="" width="97" height="49" /></a>   <a href="http://it-aac.org/"><img class="alignnone wp-image-3197" src="http://it-cisq.org/wp-content/uploads/2014/11/ITAAC-logo.jpg" alt="" width="55" height="57" /></a> &nbsp; &nbsp; <h2><span style="color: #ff6600; font-size: large;"><span style="color: #2a6891;">MEETING NOTES </span></span></h2> Download <a href="http://it-cisq.org/wp-content/uploads/2018/04/Exec-Summary-Cyber-Resilience-Summit-Mar-2018.pdf">meeting notes</a> from the March 20, 2018 Cyber Resilience Summit &nbsp; Download <a href="http://it-cisq.org/wp-content/uploads/2017/11/Cyber-Resilience-Summit-Oct-2017-Executive-Summary.pdf">meeting notes</a> from the October 19, 2017 Cyber Resilience Summit <h1></h1> &nbsp; <h2><span style="color: #ff6600; font-size: large;"><span style="color: #2a6891;">PRESENTATIONS</span></span></h2> <a href="http://it-cisq.org/wp-content/uploads/2018/03/CISQ-Cyber-Resilience-Summit-2018-3-20-BILL-CURTIS-Standards-for-Managing-Cybersecurity-Risk-and-Technical-Debt.pdf">Standards for Managing Cybersecurity, Risk and Technical Debt</a> Dr. Bill Curtis, Executive Director, Consortium for IT Software Quality (CISQ) Cyber Resilience Summit, March 20, 2018 &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2018/03/CISQ-Cyber-Resilience-Summit-2018-3-20-MARC-COHEN-Using-Software-Quality-Standards-with-Outsourced-IT-Vendors.pdf">Using Software Quality Standards with Outsourced IT Vendors - a Fortune 100 Case Study</a> Marc Cohen, Vendor Management practitioner at Fortune 100 institution Cyber Resilience Summit, March 20, 2018 &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2018/03/CISQ-Cyber-Resilience-Summit-2018-3-20-ADAM-ISLES-Chertoff-Group.pdf">Security Risk Management</a> Adam Isles, Principal, Chertoff Group Cyber Resilience Summit, March 20, 2018 &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2018/03/CISQ-Cyber-Resilience-Summit-2018-3-20-MICHAEL-CHUNG-Bugcrowd.pdf">Bugcrowd - The Pentagon Opened Up to Hackers and Fixed Thousands of Bugs</a> Michael Chung, Head of Government Solutions, Bugcrowd Cyber Resilience Summit, March 20, 2018 &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2018/03/CISQ-Cyber-Resilience-Summit-2018-3-20-ROBERT-MARTIN-MITRE.pdf">Risk Management Standards in Practice</a> Robert Martin, Senior Principal Engineer, MITRE Cyber Resilience Summit, March 20, 2018 &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2018/03/CISQ-Cyber-Resilience-Summit-2018-3-20-HERB-KRASNER-Texas-IT-Champion.pdf">Getting IT Quality Standards into Practice - Confessions of a Texas IT Champion</a> Herb Krasner, University of Texas at Austin (ret.), Texas IT Champion Cyber Resilience Summit, March 20, 2018 &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2018/03/CISQ-Cyber-Resilience-Summit-2018-3-20-JEFF-BARKSDALE-UL-2900-Security.pdf">UL 2900 Security Standards</a> Jeff Barksdale, Principal Security Advisor, Underwriters Laboratories (UL) Cyber Resilience Summit, March 20, 2018 &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2017/10/CISQ-CYBER-RESILIENCE-SUMMIT-2017-10-19-BILL-CURTIS-Technical-Debt.pdf">Technical Debt Findings and a Standard</a> Dr. Bill Curtis, Executive Director, Consortium for IT Software Quality (CISQ) Cyber Resilience Summit, October 19, 2017 &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2017/10/CISQ-CYBER-RESILIENCE-SUMMIT-2017-10-19-JOHN-WEILER-ITAAC-Roadmap-for-IT-Modernization-and-Cyber-Resilience.pdf">Roadmap for IT Modernization and Cyber Resilience</a> John Weiler, Vice Chair, IT Acquistion Advisory Council (IT-AAC) Cyber Resilience Summit, October 19, 2017 &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2017/10/CISQ-CYBER-RESILIENCE-SUMMIT-2017-10-19-HERB-KRASNER-Vision-for-Improving-Performance-in-Texas-State-IT-Projects.pdf">Vision for Improving Performance in Texas State IT Projects: Measuring Quality and Cybersecurity</a> Herb Krasner, University of Texas at Austin (ret.), Texas IT Champion Cyber Resilience Summit, October 19, 2017 &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2017/10/CISQ-CYBER-RESILIENCE-SUMMIT-2017-10-19-EMILE-MONETTE-SCRM-for-CDM-Products.pdf">Supply Chain Risk Management (SCRM) for Continuous Diagnostics and Mitigation (CDM) Products</a> Emile Monette, Senior Cybersecurity Strategist and Acquisition Advisor, DHS OCISO Cyber Resilience Summit, October 19, 2017 &nbsp; &nbsp; <h2><span style="color: #ff6600; font-size: large;"><span style="color: #2a6891;">PRESS COVERAGE</span></span></h2> <a href="https://www.federaltimes.com/civilian/dhs/2018/03/21/lack-of-resources-means-agencies-must-accept-threat-of-cyber-breach/">Resources-strapped agencies are leaving networks vulnerable to cyberattack</a> Jessie Bur, Federal Times, March 21, 2018 &nbsp; <a href="https://www.fedscoop.com/scott-says-workforce-drain-bigger-problem-y2k/">Tony Scott calls IT workforce drain a "creeping" crisis bigger than Y2K</a> Carten Cordel, fedscoop, October 20, 2017 &nbsp; <a href="http://www.executivegov.com/2017/10/report-dhs-tests-cyber-tech-acquisition-mgmt-model/">Report: DHS Tests Cyber Tech Acquisition Management Model</a> Nichols Martin, ExecutiveGov, October 20, 2017 &nbsp; <a href="https://www.fedscoop.com/dhs-piloting-agile-acquisition-cdm-for-cloud-ciso-says/">DHS piloting agile cyber acquisition, CDM for cloud, CISO says</a> Carten Cordel, fedscoop, October 19, 2017 &nbsp; <a href="https://www.meritalk.com/articles/dhs-to-stand-up-cdm-cloud-shared-services-for-small-agencies/">DHS to Stand Up CDM Cloud Services for Small Agencies</a> Morgan Lynch, Meritalk, October 19, 2017 &nbsp; <a href="https://www.meritalk.com/articles/learn-to-deal-with-cybersecurity-risk/">Learn to Deal With Cyber Risk</a> Morgan Lynch, Meritalk, October 19, 2017 &nbsp; &nbsp; <h2><span style="color: #ff6600; font-size: large;"><span style="color: #2a6891;">POLICY</span></span></h2> &nbsp; The Presidents <a href="https://www.performance.gov/PMA/Presidents_Management_Agenda.pdf">Management Agenda</a> was released on March 20, 2018 and focuses on three drivers: IT modernization, modern workforce, data transparency and accountability.  “A key part of the President’s Management Agenda is establishing cross-agency priority goals, or what we call CAP goals, to compliment the broad vision and get into execution and on the ground tactics,” says Office of Management and Budget Deputy Director  for Management Margaret Weichert. “Each CAP goal will be led by an interagency team of senior federal leaders.” Read more on <a href="https://www.federaltimes.com/management/2018/03/20/trump-management-agenda-to-focus-on-multi-agency-goals/">Federal Times</a>. &nbsp; <a href="https://fcw.com/articles/2018/02/06/mgt-guidance-omb-memo.aspx">OMB's user guide to the MGT Act - </a>February 6, 2018 on <a href="https://fcw.com/articles/2018/02/06/mgt-guidance-omb-memo.aspx">FWC</a> The Office of Management and Budget is working on a rules-of-the-road document to cover how agencies can seek funds under the Modernizing Government Technology Act. In a <a href="https://fcw.com/~/media/GIG/FCWNow/Documents/2018/MGT_Act_Draft_Guidance.pdf">19-page draft memorandum</a> to agency heads obtained by FCW, OMB lays out what information agencies should include in their project proposals to receive money from the centralized modernization fund, housed by the General Services Administration, as well as how to navigate using their IT working capital funds. &nbsp; Gen. Burke "Ed" Wilson was promoted to OSD Policy on Cyber. <a href="https://www.defense.gov/News/News-Releases/News-Release-View/Article/1426514/senior-executive-service-announcements/">Read the announcement</a> published January 29, 2018 on www.defense.gov. &nbsp; Suzette Kent, principal at Ernst &amp; Young, is appointed new Federal CIO by President Donald Trump. Read <a href="https://fcw.com/articles/2018/01/26/kent-new-federal-cio.aspx">Trump picks federal CIO</a> (FCW) on January 26, 2018. &nbsp; Final <a href="https://itmodernization.cio.gov/">White House IT Modernization Plan</a> delivered to President Trump in December 2017 outlining plans to accelerate the modernization of legacy systems. See <a href="https://itmodernization.cio.gov/">https://itmodernization.cio.gov/</a>. &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2017/10/IT-AAC-Federal-IT-Modernization-Rpt-Signed-9-20-17B.pdf">IT-AAC Federal IT Modernization Report</a> signed September 20, 2017 was submitted to White House American Technology Council (ATC) in response to Executive Order 13,800. &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2017/11/IT-AAC_DoD_Cloud_RFI_2017_final.pdf">IT-AAC Recommendations for Embracing Commercial Cloud in DoD</a> signed November 17, 2017 submitted to DoD Cloud Executive Steering Group. &nbsp; &nbsp; <h2><span style="color: #ff6600; font-size: large;"><span style="color: #2a6891;">CYBER RESILIENCE STANDARDS</span></span></h2> Consortium for IT Software Quality (CISQ) <a href="http://www.it-cisq.org/standards">www.it-cisq.org/standards</a> <ul> <li>Standards for software sizing: <a href="http://it-cisq.org/standards/automated-function-points/">Automated Function Points</a>, <a href="http://it-cisq.org/standards/automated-enhancement-points/">Automated Enhancement Points</a></li> <li>Standards for structural quality: <a href="http://it-cisq.org/standards/automated-quality-characteristic-measures/">Automated Quality Characteristic Measures</a>, <a href="http://it-cisq.org/standards/technical-debt/">Technical Debt</a></li> <li>CISQ launched a new <a href="http://it-cisq.org/standards/embedded-extensions-working-group/">Embedded Extensions working group</a> to develop standards for securing embedded and real-time systems.</li> </ul> Also see <a href="http://it-cisq.org/standards/related-standards-and-guidelines/">related standards and guidelines</a> including NIST, ISO, CMM, etc. &nbsp; &nbsp; <h2><span style="color: #ff6600; font-size: large;"><span style="color: #2a6891;">WEBINARS</span></span></h2> <a href="http://it-cisq.org/cisq-webinar-new-automated-technical-debt-standard/">New Automated Technical Debt Standard </a> The CISQ measure of Automated Technical Debt has just been approved by the OMG® as a standard for measuring the future cost of defects remaining in system source code at release. Technical Debt hinders innovation and puts businesses at unacceptable levels of risk, including high IT maintenance costs, outages, breaches, and lost business opportunities. Dr. Bill Curtis, CISQ Executive Director, delivers an overview of the specification. &nbsp; <a href="http://it-cisq.org/cisq-webinar-using-software-quality-standards-with-outsourced-it-labor-vendor-engagements-a-fortune-100-case-study/">Using Software Quality Standards with Outsourced IT Vendor Engagements - a Fortune 100 Case Study</a> Marc Cohen led IT vendor management at American Express and discusses how to use software quality standards from CISQ in outsourcing engagements. He explains how to derive better software, better development resources, and better vendor relationships by leveraging software quality standards. &nbsp; <a href="http://it-cisq.org/cisq-webinar-using-software-quality-standards-at-scale-in-agile-devops-environments/">Using Software Quality Standards at Scale in Agile and DevOps Environments</a> Over the past two years Fannie Mae IT has transformed from a waterfall organization to a lean culture enabled by Agile and DevOps. Barry Snyder, DevOps Product Manager at Fannie Mae, discusses how to use software measurement standards from CISQ to demonstrate significant improvements in code quality and development productivity. Executive management monitors the organization’s Agile-DevOps transformation by reviewing quality, productivity, and delivery-to-speed. &nbsp; &nbsp; <h2><span style="color: #ff6600; font-size: large;"><span style="color: #2a6891;"><a id="itaac"></a>IT ACQUISITION ADVISORY COUNCIL (IT-AAC) DOCUMENTS</span></span></h2> <ul> <li><a href="http://it-cisq.org/wp-content/uploads/2018/03/IT-AACICH_Products-and-Services-2017.pdf">IT Acquisition Analytics &amp; Advisory Services </a></li> <li><a href="http://it-cisq.org/wp-content/uploads/2018/03/FITARA_Agile_Acquisition_Maturity_Model.pdf">Agile Acquisition Maturity Model (AAM) </a></li> <li><a href="http://it-cisq.org/wp-content/uploads/2018/03/IT-AAC_FITARA_Agile_Acquisition_Roadmap_CIO.pdf">FITARA Agile Acquisition for Assured IT Modernization (CxO briefing)</a></li> <li><a href="http://it-cisq.org/wp-content/uploads/2018/03/AgileAcq_Brochure_Updated.pdf">Agile Acquisition brochure</a></li> </ul> &nbsp; &nbsp; <h2><span style="color: #ff6600; font-size: large;"><span style="color: #2a6891;">ADDITIONAL RESOURCES</span></span></h2> &nbsp; <a href="http://it-cisq.org/wp-content/uploads/2017/10/A-Useful-Point-of-Reference-for-Critical-Infrastructure-Resilience.pdf">A Useful Point of Reference for Critical Infrastructure Resilience </a>Don O'Neill, Independent Consultant &nbsp; <a href="https://www.omg.org/events/va-18/special-events/Modernization-agenda.pdf">Presentations</a> from <a href="https://www.omg.org/events/va-18/special-events/Modernization-Summit.htm">OMG® Modernization Summit</a>, March 21, 2018 in Reston, VA &nbsp; &nbsp; &nbsp; &nbsp; <h2><span style="color: #ff6600; font-size: large;"><span style="color: #2a6891;">PHOTOS</span></span></h2> <a href="http://it-cisq.org/cyber-resilience-summit-mar-2018/#photos">View more photos from the Cyber Resilience Summit here</a> <img class="alignnone size-full wp-image-8182" src="http://it-cisq.org/wp-content/uploads/2017/06/Cyber-Resilience-Summit-Oct-17-ANCC.jpg" alt="" width="1260" height="741" /> <img class="alignleft wp-image-8086 size-full" src="http://it-cisq.org/wp-content/uploads/2017/10/Untitled.png" alt="" width="292" height="164" />
Excerpt


OldNewDate CreatedAuthorActions
April 24, 2018 @ 13:08:37 TracieBerardi
April 24, 2018 @ 13:08:15 TracieBerardi
April 24, 2018 @ 13:08:10 [Autosave] TracieBerardi
April 24, 2018 @ 13:05:17 TracieBerardi
April 24, 2018 @ 13:04:00 TracieBerardi
April 24, 2018 @ 13:03:01 TracieBerardi
April 24, 2018 @ 13:02:11 TracieBerardi
April 24, 2018 @ 12:57:37 TracieBerardi
April 24, 2018 @ 12:55:39 TracieBerardi
April 11, 2018 @ 20:37:46 TracieBerardi
April 11, 2018 @ 20:37:22 TracieBerardi
April 11, 2018 @ 20:36:01 TracieBerardi
April 11, 2018 @ 20:33:11 TracieBerardi
April 11, 2018 @ 20:14:23 TracieBerardi
April 2, 2018 @ 19:07:53 TracieBerardi
March 28, 2018 @ 17:39:48 TracieBerardi
March 28, 2018 @ 16:33:52 TracieBerardi
March 28, 2018 @ 16:32:52 TracieBerardi
March 28, 2018 @ 16:29:18 TracieBerardi
March 27, 2018 @ 17:19:55 TracieBerardi
March 26, 2018 @ 20:44:47 TracieBerardi
March 22, 2018 @ 14:11:53 TracieBerardi
March 21, 2018 @ 15:58:06 TracieBerardi
March 21, 2018 @ 15:56:37 TracieBerardi
March 21, 2018 @ 15:56:13 TracieBerardi
March 21, 2018 @ 15:53:33 TracieBerardi
March 21, 2018 @ 15:47:26 TracieBerardi
February 28, 2018 @ 14:41:17 TracieBerardi
February 28, 2018 @ 14:38:16 TracieBerardi
February 28, 2018 @ 14:37:35 TracieBerardi
February 26, 2018 @ 00:20:26 TracieBerardi
February 25, 2018 @ 19:03:35 TracieBerardi
February 25, 2018 @ 19:02:57 TracieBerardi
February 25, 2018 @ 18:45:35 TracieBerardi
February 25, 2018 @ 18:42:12 TracieBerardi
February 20, 2018 @ 22:11:37 TracieBerardi
February 20, 2018 @ 22:09:13 TracieBerardi
February 12, 2018 @ 20:36:05 TracieBerardi
January 31, 2018 @ 18:12:03 TracieBerardi
January 11, 2018 @ 14:35:37 TracieBerardi
January 5, 2018 @ 15:01:45 TracieBerardi
January 5, 2018 @ 15:01:08 TracieBerardi
January 5, 2018 @ 15:00:29 TracieBerardi
November 21, 2017 @ 21:23:42 TracieBerardi
November 21, 2017 @ 21:19:53 TracieBerardi
November 2, 2017 @ 20:48:23 TracieBerardi
October 26, 2017 @ 17:48:20 TracieBerardi
October 23, 2017 @ 15:05:11 TracieBerardi
October 23, 2017 @ 14:20:03 TracieBerardi
October 23, 2017 @ 13:19:46 TracieBerardi
October 23, 2017 @ 13:17:56 TracieBerardi
October 23, 2017 @ 13:17:18 TracieBerardi
October 20, 2017 @ 15:18:33 TracieBerardi
October 20, 2017 @ 15:17:40 TracieBerardi
October 20, 2017 @ 15:07:52 TracieBerardi
October 16, 2017 @ 18:48:00 TracieBerardi
October 16, 2017 @ 18:47:16 TracieBerardi
October 11, 2017 @ 18:25:53 TracieBerardi
October 11, 2017 @ 14:44:47 TracieBerardi
October 3, 2017 @ 00:49:53 TracieBerardi
October 3, 2017 @ 00:45:31 TracieBerardi
October 3, 2017 @ 00:44:39 TracieBerardi
October 3, 2017 @ 00:39:07 TracieBerardi
October 3, 2017 @ 00:34:37 TracieBerardi
October 3, 2017 @ 00:28:41 TracieBerardi
October 3, 2017 @ 00:27:51 TracieBerardi
October 3, 2017 @ 00:26:41 TracieBerardi
October 3, 2017 @ 00:23:48 TracieBerardi
October 3, 2017 @ 00:06:34 TracieBerardi
October 2, 2017 @ 23:57:35 TracieBerardi
October 2, 2017 @ 23:54:25 TracieBerardi
October 2, 2017 @ 23:48:25 TracieBerardi
October 2, 2017 @ 23:34:55 TracieBerardi

Comments are closed.