Cyber Security and Information Systems Information Analysis Center
In this four part podcast series, CSIAC subject matter experts (SMEs) conduct a roundtable discussion of the first step of the Risk Management Framework (RMF) process, Categorization, focused specifically on Industrial Control Systems (ICS). The main objective of the categorization phase is to project the potential negative effects upon an organization Read More
In part three of the RMF Categorization podcast series, the SMEs discuss the process of aligning the security objectives. The security objectives provide a common understanding of the impact levels on the information types as well as a common viewpoint of a system compromise and its organizational impact. The security objectives allow the system owner to Read More
In this four part podcast series, CSIAC subject matter experts (SMEs) conduct a roundtable discussion of the first step of the Risk Management Framework (RMF) process, Categorization, focused specifically on Industrial Control Systems (ICS). The main objective of the categorization phase is to project the potential negative effects upon an organization Read More
In part two of the RMF Categorization podcast series, the SMEs discuss the process of accurately identifying information types. The identification of the information types establishes the foundation for the system security program. The information types serve as the baseline by which the mission owner as well as the adversary both measure success. Read More
In part one of the RMF Categorization podcast series, the SMEs discuss what a security program is and why it is important. A security program defines the people, processes and technologies used to manage cybersecurity risk to the environment in which your system operates. This document serves as the blueprint for how your system operates and responds to the Read More
In this four part podcast series, CSIAC subject matter experts (SMEs) conduct a roundtable discussion of the first step of the Risk Management Framework (RMF) process, Categorization, focused specifically on Industrial Control Systems (ICS). The main objective of the categorization phase is to project the potential negative effects upon an organization Read More
In this four part podcast series, CSIAC subject matter experts (SMEs) conduct a roundtable discussion of the first step of the Risk Management Framework (RMF) process, Categorization, focused specifically on Industrial Control Systems (ICS). The main objective of the categorization phase is to project the potential negative effects upon an organization Read More
Mr. Daryl Haegley has 30 years of military, federal civilian and commercial consulting experience, currently overseeing the cybersecurity effort to secure control systems / operational technology for the Department of Defense (DoD). He leads DoD policy, security assessments, cyber range capability developments, SECDEF scorecard requirements and Risk Read More
Historically, an organization developed a Cybersecurity program to achieve compliance. It has been our experience, organizations which achieve full compliance cannot continue to operate because of strict Compliance requirements and the lack of a functional Cybersecurity program. The lack of a functional Cybersecurity program enables methodologies found Read More
Stephen Brewster is a graduate of Capitol Technology University with a Masters in Information Assurance Engineering. Stephen has expertise in software assurance, systems integration and testing, and cybersecurity governance and risk management. Mr. Brewster developed software for military logistics planning shortly after finishing his bachelors in Computer Read More
