Exploring the Past, Present and Potential Future of the NIST Risk Management Framework
During this on-demand webinar, co-hosts Gianna Price and Steve Horvath will discuss the past, present and potential future of the RMF and explore the peaks and valleys it has experienced over the years. They’ll identify some of the gaps between governance expectations, the realities of control implementation, and how these gaps have contributed to frustrations across the security and compliance industries. They will also consider some strategies for how to mitigate these “growing pains” of the RMF as it evolves into a flexible framework for a new era of cyber risk management.
The value of “RMF Without an ATO Driver”
Ideas for architecting efficient risk management processes
Managing requirement across multiple mandated frameworks
Tips for those just starting the RMF
Many organizations let compliance drive cybersecurity, which often results in manufactured compliance and poor risk management. In this webinar, you’ll learn how the RMF can help improve security and facilitate compliance across various frameworks such as NIST 800-171 and the soon-to-be CMMC. You’ll also come away with new insights into how the RMF is maturing into a more flexible resource for organizational risk management, especially in association with its cousin, the NIST Cybersecurity Framework.
About Gianna Price:
Gianna Price joined Telos in 2018 as an Xacta® solutions architect and serves as a cybersecurity subject matter expert. She is a skilled specialist with 17 years of experience – 15 of which she spent in Department of Defense information assurance and cybersecurity. Gianna works directly with customers, providing expertise in cybersecurity program development, the NIST Risk Management Framework (RMF) and their implications in operational environments.
About Steve Horvath:
Joining Telos in 2006, Steve Horvath established a new model for providing professional services in support of the company’s Xacta risk management platform. He currently serves as Vice President of Strategy and Cloud with a focus on long-term strategic partnerships and solutions spanning the company’s breadth of offerings. With over 20 years practical experience in the information security domain, Steve is considered an expert in risk and compliance for information technology. He is a graduate of the University of Maryland, College Park, and maintains both Certified Information Systems Security Professional (CISSP) and Project Management Professional (PMP) certifications.