C2M2 and the NIST Cyber Framework: Applying DOE’s NIST Cyber Security Framework Guidance

SGIP22In February 2013, the President released Executive Order (EO) 13636 which called for NIST to develop a voluntary Cyber Security Framework for Critical Infrastructure Sectors. The Framework was to provide a “prioritized, flexible, repeatable, performance-based, and cost effect approach” to manage cyber security risk. This EO led to the release of NIST’s Cybersecurity Framework (CSF) in February of 2014.

NIST’s CSF is composed of 3 parts:
Framework Core
Framework Implementation Tiers
Framework Profile

The Department of Energy (DOE) subsequently released the Energy Sector’s Cybersecurity Framework Guidance in January of 2015 using the Cybersecurity Capability Maturity Model (C2M2) the recommended tool for implementing the NIST CSF. DOE advocates the use of C2M2 because of its widespread use, sector specific guidance, and because DOE has provided mapping from C2M2 to the NIST CSF.

Key Takeaways from this Webinar:

1. An Overview of DOE’s C2M2 and NIST CSF Implementation Guidance

2. Lessons learned and our methodology for implementation of the NIST CSF

3. Proof-of-concept demonstration for our automated C2M2 to NIST CSF tool

4. Planned next steps or future enhancements

The Presenter: This webinar will be presented by guest speaker, Christopher S. Taylor, a senior Engineering Analyst for Southern Company’s IT Security Team

Who should attend: Energy professionals

Scheduled for one hour, this SGIP webinar is offered at no charge and open to SGIP Members and non-members.

Reserve your webinar seat now!

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on pinterest
Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

BE IN THE KNOW

Join 7,545 other subscribers