CISSE Panel Discussion

We introduced our Forum to the CISSE attendees at this annual conference of the Centers of Academic Excellence in Philadelphia PA on 15 June.

Larry Wilson of the University of Massachusetts, consultant David Moscowitz, and Joan Coolidge of the Forum discussed the importance of a holistic approach to cyber resilient services.

Larry Wilson, Joan Coolidge, David Moskowitz, Charlie Tupitza at CISSE 2016

We announced our Common Lexicon release for cyber resilience.

We had the opportunity to discuss several topics including the value of a common lexicon, the NIST Cyber Security Framework, SP 800-160 and the National Initiative for Cyber Education in a service management environment, and education for the cyber workforce around

 

Centers of Academic Excellence Annual Meeting

13-15 June: Our Forum will sponsor and participate in the annual meeting of the National Centers of Academic Excellence in Philadelphia.

We are pleased to announce the Forum will be responsible for bringing the business perspective of cyber resilience to the annual meeting. We are providing a panel with subject matter experts in the field of service management and cyber resilience. We will also be holding a Collaborative Forum event at the end of the conference at the same location. Please find information about the Colloquium for Information Security Education event here (CISSE). This is the 20th year for this event. More details about our participation and forum event will be available May 1.

Think Differently

Cyber Resilience in Support of Mission Driven Service Management

Value of taking advantage of investments:

Topics: Value of investments

1) Public and private investments in a foundation of standards, best practices, and frameworks.
2) A “common lexicon” of terms and definitions derived from the above investments.
3) Taking advantage of these investments by looking at whole systems.

Rationale: Meet a large constituency where they are

Many private sector leaders direct their organizations to conform with standards, frameworks and best practices adopted by the Forum, especially NIST Cybersecurity Framework, ITIL and many more (Executive Suite, Management and Operations). In the public sector, the CIO of the Department of Defense, Mr. Terry Halvorsen, directs the DoD to conform to the Department of Defense Enterprise Service Management Framework (DESMF) in a directive he signed 24 Dec 2015. ITIL is at the foundation of the DESMF as a best practice framework and basic lexicon. Many private and public service management contracts globally call for the use of ITIL.

Context: Forum Events utilize Cyber Resilient Service Management Action Plans (CRSMAP)

The Forum facilitates collaborative events for leaders to share lessons learned and to continually improve their strategies, utilizing a CRSMAP designed to help leaders apply cyber resilient service management investments for organizational efficiency and effectiveness amidst cyber events.

Foundation of Standards, Best Practices and Frameworks:

CRSMAP starts with the foundation of the DESMF recognizing ITIL, COBIT, Lean Six Sigma, CMM, eTOM, ISO/IEC 20000 and is adding other elements such as the NIST Cyber Security Framework, RESILIA, DevOps and Agile.

A Common Lexicon

The CRSMAP is a common lexicon of terms and definitions for sustaining cyber resilience. In scope are terms with value across an organization, one definition for each term, duplicates maintained in Forum archive, with attribution, and continual improvement. Terms with limited value across an organization are left out intentionally for ease of use.

Whole System in relation to its Parts

Cyber Resilience requires a whole systems approach to strike the right balance between