Continuous Monitoring Architecture Workshop

This meeting is open to Federal employees, industry, and the public.
Advance registration is required.

Agenda

8:30 a.m. Welcome and Announcements
Kevin Stine, NIST

8:35 a.m. Information Security and Identity Management Committee Continuous Monitoring Initiatives and History
John Streufert, DOS

9:00 a.m. DHS Continuous Monitoring Strategy, Directions, and SAIR Tier III
Matt Coose, DHS (invited) and
Tim McBride, DHS

9:30 a.m. DOD Continuous Monitoring Vision and Objectives
Kevin Dulany, DOD OSD

10:00 a.m. Continuous Monitoring Definition and Enterprise Architecture
Steve York, NSA

10:30 a.m. CAESARS Framework Extension (FE), Technical Reference Architecture
Peter Mell, NIST

11:30 a.m. Application to the NIST Risk Management Framework and Associated Continuous Monitoring Guidance
Kelley Dempsey, NIST

12:00 p.m. Lunch on your own (NIST cafeteria is across the hall)

1:00 p.m. Continuous Monitoring Architecture Functional Requirements Workgroup
Peter Mell, NIST
Purpose: Discuss draft CAESARS FE requirements and obtain feedback on how to best refine them.

3:00 p.m. Continuous Monitoring Communication Payload Workgroup
David Waltermire, NIST
Purpose: Discuss the low level interface and payload specifications necessary to support CAESARS FE.

4:00 p.m. Vendor Feedback and General Discussion
Questions to answer:

1. To what extent to commercial tools already support the CAESARS FE capabilities?
2. What would commercial tools need to do to support the CAESARS FE architecture?
3. Does CAESARS FE meet organization’s continuous monitoring needs?
4. What should the CAESARS FE team change?
5. What questions remain unanswered?

5:00 p.m. Closing Remarks and Adjourn
Peter Mell, NIST