8 March 2016 The Global Forum to Advance Cyber Resilience will become a single focused not for profit corporation as of 10 March 2016 per the advise of participants in the forum. This will allow us to focus on our mission.
There are a number of activities associated with this activity that will complement what we are doing. It would be very easy to bring many of them under our umbrella. We are deliberately staying away from this because we feel we have enough in front of us and want to do an excellent job to serve interested parties through our mission while maintaining our scope. We will do this by connecting the dots between commonly available best practices, standards, and frameworks.
Forum Mission: To enhance and maintain Critical Infrastructure Resilience against all Cyber Risks.
Scope: Public and private-sector critical infrastructure organizations, including small and midsize businesses, standards and best practice organizations, and organizations supporting workforce development.
1 March 2016 I attended the working session the NIST put together at the RSA conference yesterday regarding input from the public for their guidance on response and recovery. There were about thirty people in attendance for about an hour and a half. Kevin Stine and Donna Dodson along with several other NIST folks and their contractor for this project G2 Inc were there in support.
They seem to be approaching this from a general point of view.
Utilizing Service Management
This Forum is approaching response, recovery, and minimization of damage from a perspective of utilizing IT Service Management Best practices so all in the discussion will be utilizing a common lexicon for the approach. We will add the cyber perspective to that of incident response and recover and minimize impact. We will share these lessons with the NIST. This approach will complement what they are doing.
26 February 2016
C Level Interest. The Global Forum approaches this from the business side of “Resilience” enabling the purpose of services offered and mission of the organization.
Taking advantage of Leadership for Authority: The Forum is in direct support of the Department of Defense Chief Information Officer’s 24 December Directive regarding the DoD Enterprise Service Management Framework (DESMF). The DESMF calls out a basic lexicon for IT Services and we help organizations take advantage of the lexicon in use in both public and private IT Services.
Current Investment Advantage: The Forum represents an approach taking advantage of existing taxpayer and public sector “in common” investments and builds on them. Our cyber resilient best practices are underpinned by this investment. There are over three million people certified and over eight million trained in the basic lexicon of ITIL. A large portion of IT Service contracts in the federal government call out this lexicon.