HOME

ABOUT STC

CONFERENCE ORGANIZATION

PRESENTER LOGIN

KEYNOTES

TUTORIALS

EXHIBITORS AND SUPPORTERS

SCHEDULE

REGISTRATION

TRAVEL, LODGING, & AREA INFO

CONTACT US

PROCEEDINGS

IEEE STC Facebook Page IEEE STC Facebook Page

IMPORTANT DATES
February 1, 2017 Abstract and optional full paper submission begins
May 26, 2017 Exhibit & Supporter registration opens
June 15, 2017 Abstract and optional extended abstract submission ends
June 29, 2017 Acceptance notifications sent
July 24, 2017 Submit final abstracts and presenter biographies
August 28, 2017 Submit final presentations and optional full papers

Abstract Details

<< Back to Schedule

9/28/2017  |   9:20 AM - 10:05 AM   |  

Can’t we just get along: Engineering Trade Decisions and the RMF at the System Level

Cybersecurity is often perceived as a compliance effort. The Risk Management Framework (RMF) provides a risk based process for making cybersecurity decisions. Cybersecurity decisions are increasingly moving from compliance based to reducing the risk to the mission and enterprise. In programs implementing a risk based approach to cybersecurity the focus is on reducing the risk of data compromise and interruptions to the most critical mission functions. As part of these programs, the assurance needs are understood and properly addressed early in the lifecycle through integration at the right stages by the relevant stakeholders. When engineering teams work together to integrate layered cybersecurity security that complement the engineering disciplines, the mission and functional requirements of the system are met, while increasing the repeatability and transparency that enterprises need as the first layer of effectively mitigating cyber risks. Transforming from a compliance to risk based approach is fundamentally not a technical problem – it is people- or process-based. This presentation will share resources to assist with the people and process challenges of shifting to a risk based approach to cybersecurity that balance the demands of cost, schedule, and performance.

Presentation:
This presentation has not yet been uploaded.

Handouts:
No handouts have been uploaded.

Michele Moss (Primary Presenter), X, Moss_Michele@bah.com;
Ms. Michele Moss has over 15 years of experience in implementing the assurance processes and practices in a variety of project lifecycles. Ms. Moss is an industry recognized expert in application security processes and practices, Information and Telecommunication Technology (ICT) supply chain risk management (SCRM), process improvement, and software assurance measurement. She is one of the few in the lifecycle management/quality & assurance/cyber security communities that can speak both languages & provide a critical bridge between these communities critical to addressing the challenge of ICT Supply Chain Risk Management. Ms. Moss is providing senior subject matter expert and strategic planning support to the DoD CIO in the areas of ICT SCRM and assurance, commercial global sourcing, and standardization and industry best practices.

2017 Sponsors: IEEE and IEEE Computer Society

This site and all contents (unless otherwise noted) are Copyright ©2017 IEEE. All rights reserved.