RMF LifeBoat GROUP – March 4 2017 – 11am to 1pm – CSF Our Must Know Language

CSF – Our Must Know Language

Please note that we will be meeting at another location for our 4 March meeting.  One of our members found an incredibly wonderful new home for all our future meetings starting very soon. to Everyone can easily get information for our RMF LifeBoat Group meetings and many other rewarding chapter activities by starting on our partner organization’s International System Security Association (ISSA) Northern Virginia (NOVA) chapter home page (google for ISSA NOVA) . Please see the practical information for our LifeBoat group meeting and REGISTER SOONEST by starting there and RSVPing at the NCR-Risk-Management-Framework meetup link provided there or calling 703-402-4379.


The Cybersecurity Framework (CSF) will help an organization to better understand, manage, and reduce its cybersecurity risks. It will assist in determining which activities are most important to assure critical operations and service delivery. In turn, that will help to prioritize investments and maximize the impact of each dollar spent on cybersecurity. By providing a common language to address cybersecurity risk management, it is especially helpful in communicating inside and outside the organization. That includes improving communications, awareness, and understanding between and among IT, planning, and operating units, as well as senior executives of organizations. Organizations also can readily use the Framework to communicate current or desired cybersecurity posture between a buyer or supplier.

– from the NIST CSF FAQs – Framework Basics, FAQ 4

Greg Witte will lead the meetup discussion about the recent draft update to the Framework, and will share some of his lessons learned from applying the CSF in various organizations. He will share some of NIST’s recent work understanding how to integrate the CSF with the RMF – a key factor, given some recent rumors that CSF will have an important role in Federal Government cybersecurity. As time allows, Greg will also share NIST’s progress on several complementary publications: the Baldrige Cybersecurity Excellence Builder and the National Cybersecurity Workforce Framework.

Greg Witte is a Senior Security Engineer for G2 Inc., a small business based near Fort Meade, MD. He supports federal and commercial clients, primarily the NIST Applied Cybersecurity and Computer Security Divisions. He is also a long-time member of ISSA, primarily the DC chapter. Greg contributed to the current NIST Cybersecurity Framework (CSF) and its new draft update as one of several primary authors. He co-wrote ISACA’s guidance for implementing the CSF with COBIT 5, and teaches that practice around the country. Greg is also deeply engaged in Security Automation. He co-wrote the McGraw Hill textbook about Security Content Automation Protocol (SCAP) – drawing on many years of building configuration management practices for the U.S. State Department.

Besides earning Professional Development Units (PDUs) for participating our ISSA NOVA chapter Partner meeting, we all receive the encouragement and help we need for our cyber security professional growth. The friendly interactive presentations by our members of the meetup always lead to lively respectful discussions.  Members always take away information that they that can be applied on the job in the following weeks! In additional our LifeBoat group meetings provide opportunities for the all-important professional networking. If you have a vexing problem, share with like-minded security professionals. They may have already successfully developed a way forward to resolve it.

********* WHERE/WHEN/PARKING for our 4 February meeting ********

We will meet at 11am-1pm at Capital Baptist Church in Annandale near Gallows Road and 495. Our room is available at 10:45. There is a large screen and projector already in the room for our use. Look for the easy to see signs on the doors of the first building you see when you turn into the driveway. There is lots of free parking. Everyone needs to bring their own lunch and drinks to the meeting. Parking is available there. Here is our meeting location information:

March 4 – 11am-1pm (our conference room is available at 10:45).


3504 Gallows Road, Annandale 22003