by Diana Proud-Madruga
Three to four times a year, the 13 security and privacy experts from public and private organizations who comprise the Information Security and Privacy Advisory Board (ISPAB) hold two days of public meetings. Their purpose? Identify emerging information security and privacy issues that could affect federal information systems and review proposed standards and guidelines developed by NIST.
The ISPAB holds public meetings to identify emerging information security and privacy issues that could affect federal information systems and review proposed standards and guidelines developed by NIST.
Issues may involve a variety of areas including managerial, technical, administrative and physical safeguards. The ISPAB then briefs NIST, DHS and OMB on their findings, providing suggested remedial action.
NIST, on behalf of the ISPAB, invites security and privacy experts and the public to the meetings.
During 2022, ISPAB heard from over 45 different agencies and organizations including Georgia Institute of Technology, MITRE, Google, CISA, GAO, ONCD, Forescout, FTC and the Senate Committee on Commerce, Science and Transportation. They were briefed on numerous topics including post-quantum cryptography; open-source software security; nurturing and building the next generation of cybersecurity professionals; artificial intelligence security, privacy and risk management; NIST security and privacy frameworks and standards; supply chain security and risk management; and legislative actions such as Executive Orders, OMB memoranda, and the passing of the CHIPS and Science Act.
NIST, on behalf of the ISPAB, invites security and privacy experts and the public to the meetings.
More information on ISPAB meetings, activities and recommendations can be found here.
REFERENCES
National Institute of Standards and Technology (NIST) Information Security and Privacy Advisory Board | https://csrc.nist.gov/projects/ispab