itSMF USA Event

itSMF USA Advancing Cyber Resilience through Collaboration
itSMF USA FUSION16
Las Vegas, NV  November 02,
Experience Level: Advanced
This was a great success. There was a mix of people representing the government and private organizations, big and small participating. This was perfect for our value proposition.
The disconnection between ITSM and cyber resilience efforts across all sectors was obvious. Understanding this leads to great opportunity.
The focus of our session was to help identify the people who need to be at the table during the strategy phase of a product or service along with the value of collaboration. The attendees were left hungry for more time on the topic.
Advancing cyber resilience and business value through collaboration is a great opportunity.
We are excited to see our review of this session:
Average Overall Scores: 1 – 5
· Overall this session was: 5
· Speaker(s) expertise/knowledge of subject: 5
· Speaker(s) presentation skills: 5
· Value of Q&A segment: 5 – Practicality: 5
· Compliance with non-commercialism policy: 5
· Should this session be repeated next year: 100%
· Would you recommend this speaker for future events: 100%
· Was the session content what you thought it would be: 100%

charlie tupitza joan coolidge

DESMF Working Group Brief

Briefing on DESMF Edition III and IV with the working group and Global Forum to Advance Cyber Resilience Charlie Tupitza to lead briefing.

We are briefing our progress to the DESMF working group on 30 June.  Part of our briefing is to suggest areas to be considered in DESMF Edition IV.  DESMF Edition III was signed by the DoD CIO Terry Halvorsen last week.

Centers of Academic Excellence Annual Meeting

13-15 June: Our Forum will Sponsor and Participate in the annual meeting of the National Centers of Academic Excellence in Philadelphia.

We are pleased to announce the Forum will be responsible for bringing the business perspective of cyber resilience to the annual meeting. We are providing a panel with subject matter experts in the field of service management and cyber resilience.  We will also be holding a Collaborative Forum event at the end of the conference at the same location.  Please find information about the Colloquium for Information Security Education event here (CISSE).    This is the 2oth year for this event.  More details about our participation and forum event will be available May 1.

Think Differently

Cyber Resilience in Support of Mission Driven Service Management

Value of taking advantage of investments:

Topics: Value of investments

1) Public and private investments in a foundation of standards, best practices, and frameworks.

2) A “common lexicon” of terms and definitions derived from the above investments.
3) Taking advantage of these investments by looking at whole systems.

Rational: Meet a large constituency where they are

Many private sector leaders direct their organizations to conform with standards, frameworks and best practices adopted by the Forum, especially NIST Cybersecurity Framework, ITIL and many more (Executive Suite, Management and Operations). In the public sector, the CIO of the Department of Defense, Mr. Terry Halvorsen, directs the DoD to conform to the Department of Defense Enterprise Service Management Framework (DESMF) in a directive he signed 24 Dec 2015. ITIL is at the foundation of the DESMF as a best practice framework and basic lexicon. Many private and public service management contracts globally call for the use of ITIL.

Context: Forum Events utilize Cyber Resilient Service Management Action Plans (CRSMAP)

The Forum facilitates collaborative events for leaders to share lessons learned and to continually improve their strategies, utilizing a CRSMAP designed to help leaders apply cyber resilient service management investments for organizational efficiency and effectiveness amidst cyber events.

Foundation of Standards, Best Practices and Frameworks:

CRSMAP starts with the foundation of the DESMF recognizing ITIL, COBIT, Lean Six Sigma, CMM, eTOM, ISO/IEC 20000 and is adding other elements such as the NIST Cyber Security Framework, RESILIA, DevOps and Agile.

A Common Lexicon

The CRSMAP is a common lexicon of terms and definitions for sustaining cyber resilience. In scope are terms with value across an organization, one definition for each term, duplicates maintained in Forum archive, with attribution, and continual improvement. Terms with limited value across an organization are left out intentionally for ease of use.
Whole System in relation to its Parts
Cyber Resilience requires a whole systems approach to strike the right balance between

2016 Mega Event

Joan Coolidge,  Keynote Speaker at PMI Mega Event

Joan Coolidge, GFACR’s Chief Strategy Officer, is providing a keynote presentation focusing on leading project team techniques to deliver transformational change amidst complexity and evolving technology at the 2016 PMI Mega Event April 13th in Cincinnati, Ohio.

Many of our most important projects cannot be completed by any single organization. Complex tasks require people and skills from across different organizations and sectors; even ones who don’t understand, agree with or trust one another—to talk, think and work together.

Transformational leadership techniques work, when project managers are willing to stretch beyond traditional ways of acting and being. Benefit from the real payoff of proven approaches used by organizational development specialists today to turn challenges into opportunities.

pmi mega event joan coolidge
PMI Mega Event Joan Coolidge

DESMF Cyber Resilience Focus Group Starts

I7 March 2016 The initial meeting of the DESMF Cyber Resilience Focus Group began regular meetings 2 March via conference call facilitated by our Joan Coolidge  members of the private and public sector including the DoD participated and will be working on the draft charter of the group this week.  It was the consensus to keep a focused purpose which is easy to understand and accomplish.  Stay tuned.  If you want to participate in the forum please let us know via   e-mail.

Charlie Tupitza
Forum  Acting CEO

Future Events

Future Events:

February

19th Global Forum Meeting, Washington, DC
29th DESMF Cyber Resilience Focus Group Virtual

March

National Council of ISACs,  Washington, DC
RSA, San Francisco CA
NIST workshop on Respond and Recover
Software and Supply Chain Assurance Forum Mclean, VA

April

Annual Meeting,  Nations Credit Unions Nashville, TN
PMI Southwest Ohio Mega Event
DHS Incident Response and Recovery Working Group, Crystal City, VA
NIST Cyber Security Framework Conference, Gathersburg, MD

May

DoD Enterprise Service Management Framework Working Group Meeting
Securing the Grid III: Operationalizing Resilience” McLean, VA

June

The Colloquium for Information Security Education Philadelphia, PA

October

itSMF-HDI FUSION Las Vegas, NV

November

NICE 2016 Annual Conference Kansas City, MO

Inaugural Forum Meeting

The Global Forum to Advance Cyber Resilience Held its Inaugural Forum Meeting  18 February, 2016

Critical infrastructure, government and academic leaders convened  on February 18 in Washington, DC at the Kogod Cybersecurity Governance Center at American University for our  inaugural forum meeting of the Global Forum to Advance Cyber Resilience.

inaugural forum meeting cybersecurity facilitation
Drew Jaehing of DISA Fred Hintermiser of NERC, Charlie Tupitza of the Global Forum, Mark Dillon of HP, Nadya Bartol of UTC, Bill Donohoe of Genedge, and others collaborating

Responding to a call-to-action to strengthen critical infrastructure cyber resilience, the Forum represents a trusted international collaborative partnership leading the advancement of operationalizing critical infrastructure cyber resilience through open dialogue, critical insight, thought exchange and collaborative innovation. Attendees included the U.S. Department of Defense, U.S. Department of Homeland Security, Federal agencies, academia, representatives from critical infrastructure sectors, and security and IT service management expert organizations.

The Forum’s goals are strategically focused on providing a “disciplined approach” to operationalize the delivery of cyber resilience “mission-driven” services through the integration of service management and cyber resilience; contributing with a defining voice to the evolution of best practice, standards and frameworks amidst the constantly changing and expanding cyber ecosystem; and enabling organizations to more easily adapt best practices for governance, compliance, controls and education.

To deliver on these goals, via the identification, adoption and adaption of best practices and lessons learned to optimize investment in people, process and technology, the Forum is developing organizational, sector and sub-sector specific operational guidance that integrates cyber resilience into the entire IT Service Management lifecycle, supported by a common lexicon, security controls guidance, and workforce roles and responsibilities. Private industry and government (taxpayer investments) in the following best practices, frameworks and standards are being leveraged in collaboration with the U.S. Deptartment of Defense, NIST, and private-sector organizations.

Charlie Tupitza, Forum Co-Chair said, “Technology is important, but we also need to focus on people and on how we can recover quickly from incidents that will occur while minimizing their effect. This includes cyber attacks and all types of incidents getting in the way of the organization to perform its mission. The Global Forum provides a sustainable platform to bring together experts from the public and private sectors to work together to define and implement solutions focused on using cyber resilience to enable their mission and services.”

Upcoming Global Forum regional sessions will be announced to engage international public and private sector leaders.

For further information about this event and future events please contact us at: resilient@nfppc.org