Improving Critical Infrastructure Cybersecurity

Printer-friendly version
Sub Heading: 
Jon Boyens, Senior Advisor for Information Security, National Institute of Standards and Technology<br>Nadya Bartol, Senior Cybersecurity Strategist, Utilities Telecom Council

Improving Critical Infrastructure Cybersecurity

Jon Boyens, Senior Advisor for Information Security, National Institute of Standards and Technology

Nadya Bartol, Senior Cybersecurity Strategist, Utilities Telecom Council

Recognizing that the national and economic security of the United States depends on the reliable functioning of critical infrastructure, President Obama issued Executive Order 13636, Improving Critical Infrastructure Cybersecurity, in February 2013. It directed the Natonal Institute of Standards and Technology (NIST) to work with stakeholders to develop a voluntary Cybersecurity Framework (CSF) – based on existing standards, guidelines, and practices - for reducing cyber risks to critical infrastructure.

This session will cover:

  • An overview and status update on the NIST Cybersecurity Framework, by Jon Boyens, Senior Advisor for Information Security, National Institute of Standards and Technology
  • How the utilities and telecoms are looking at adopting the Framework by Nadya Bartol, Senior Cybersecurity Strategist, Utilities Telecom Council
  • Where supply chain security and standards, like the O-TTPS, fit in the Cybersecurity Framework (facilitated by Sally Long, Director of The Open Group Trusted Technology Provider Forum)
  • Adoption and experience with use of the CSF (who is using it, what’s the overall uptake, and the experience of implementers)
  • How 3rd party standards can be used with the Cybersecurity Framework (whether specifically referenced or not)
  • Governance process for changes to the CSF

Bios

Jon Boyens, Senior Advisor for Information Security, National Institute of Standards and Technology

Jon Boyens is a Senior Advisor for Information Security in the Information Technology Laboratory, within the Department of Commerce’s National Institute of Standards and Technology (NIST). He leads NIST’s Information and Communications Technology Supply Chain Risk Management Program and works on various policy and technical projects. Boyens helps develop and coordinate the Department's cybersecurity policy among the Department’s bureaus. He represents the Department in the Administration’s interagency cybersecurity policy process. Boyens has worked on various White House-led initiatives, including those on trusted identities, botnets, supply chain and, most recently, the Cybersecurity Executive Order and related work on Cybersecurity Incentives, Government Acquisition Policy and the Cybersecurity Framework and Roadmap.

Nadya Bartol, Senior Cybersecurity Strategist, Utilities Telecom Council

Nadya Bartol is responsible for helping UTC member utilities address cybersecurity challenges, from policies and standards to practical implementation. Prior to UTC, Nadya led multiple implementations of comprehensive cybersecurity programs. She also developed and led the delivery of several service offerings including security program management supply chain risk management, continuous monitoring, security measurement, and security standards. She co-authored several NIST publications including the ones on supply chain risk management and security measurement and currently serves as a project editor of an ISO standard on Information Security for Supplier Relationships. Nadya was named one of the Top 15 Women in Energy by Fierce Energy in 2012 and was a recipient of InterNational Committee for Information Technology Standards (INCITS) Team Award in 2013 for her work in cyber supply chain standards.

 

 

Home | Sitemap | Privacy | Legal