Please join us for our May chapter meeting and presentation. Mike Bertram, one of our own (ISC)2 San Diego members will be presenting on using the NIST Cyber Security Framework to Improve Contract Security Requirements. With many of us dealing with contracts and other third-party agreements, this is an especially timely discussion. The meeting and presentation will be Thursday, May 10th from 6-8PM, at the University of Phoenix. As always, (ISC)2 members will receive 2 hours of CPEs. Following the meeting, we'll continue the conversation at a no-host social.
Location: UoP 9645 Granite Ridge Dr. Classroom 107 & 108, San Diego, CA 92123
Topic: Using the NIST Cyber Security Framework to Improve Contract Security Requirements
Summary: Organizations have understood the need to address the cybersecurity of their systems for a number of years and this can be seen in the inclusion of cybersecurity requirements in contracts for bid, but many organizations still struggle with ensuring such requirements represent a comprehensive, holistic and lifecycle approach indicative of a robust Cybersecurity program. This presentation presents a method of organizing contract requirements based on the cybersecurity framework published by the National Institute of Sciences and Technology (NIST). The results of an analysis of publicly available RFPs in the surface Transportation sector is discussed to illustrate the need for adopting such a method. Due to the sensitive nature of the subject matter and potential for misuse of the information, no data has been included which would identify the RFPs and system owners to avoid exposing them to unnecessary risk.
Speaker Bio: Michael Bertram has worked at Atkins North America for the past 4 years. He previously worked in Tolling, ITS and Transit industry where he provides technical leadership and expertise in the secure design, implementation, and operations of various regional information systems. He has been active within the San Diego cybersecurity community as an IT Sector chief in the San Diego chapter of InfraGard, a public and private partnership which seeks to strengthen the national defense of critical infrastructure and key resources. The Chapter awarded him as the sector chief of the year in 2014. He is a Certified Information Systems Security Professional (CISSP). In his current role within Atkins, he advises clients on a variety of issues, including transportation cybersecurity. He has a Bachelors degree in computer science from Chapman University.
(ISC)2 San Diego Chapter meetings are held on the second Thursday of the month. In support of (ISC)2 Chapter's mission to Connect | Educate | Inspire | Secure, guestsandstudents are welcome. (ISC)2 members will receive 2 hours of Continuing Professional Education credits, please remember to bring your membership number. If you have not registered with the San Diego chapter please contact Jonathan our membership chair.