Status report on the NIST Cybersecurity Framework
Mr. Grance will briefly review the Cybersecurity Framework , outline the progress,, describe some novel uses of the Framework, suggest a future course for updating the Framework, and solicit views on governing future versions of the framework.
Tim Grance is a senior computer scientist in the Information Technology Laboratory at the National Institute of Standards and Technology in Gaithersburg, MD. He has held a variety of positions at NIST including Group Manager, Systems and Network Security and Program Manager for Cyber and Network Security. He has led a broad portfolio of projects including high profile projects such as the NIST Hash Competition, Cloud Computing, Security Content Automation Protocol (SCAP), Protocol Security (DNS, BGP, IPv6), Combinatorial Testing, and the National Vulnerability Database. He is presently a senior researcher advising on various projects in cloud computing, mobile devices/applications, internet of things and big data.
He has extensive public and private experience in accounting, law enforcement, and computer security. He has written on diverse topics including cloud computing, incident handling, privacy, metrics, contingency planning, forensics, and identity management. He was named as one of the most influential people in Information Technology for the US Government by Federal Computer Week. He is also is a two time recipient of the US Department of Commerce’s highest award—a Gold Medal, from the Secretary of Commerce.