DoD Faces Risk: Implementing the Risk Management Framework

Featuring: Kevin Dulany
Chief, Risk Management Framework Division at Cybersecurity Policy and Strategy Directorate, under the Deputy Secretary Officer for Cybersecurity (DCIO-CS)

In March 2014 the Defense Department’s then-CIO Teri Takai changed the face of IT security across the military when she called for the transition from the DoD Information Assurance Certification and Accreditation Process, or DIACAP, to the National Institute of Standards and Technology (NIST) Risk Management Framework, or RMF. The transition to RMF, now underway and slated for completion by mid-2018, marks a sweeping cultural shift in the department’s approach to IT security.

DIACAP established a standard set of activities to certify and accredit DoD information systems, and looked to refresh every three years. RMF, on the other hand, takes a dynamic approach, focusing on risk management as its primary approach and emphasizing a need for ongoing continuous monitoring. In this webcast one of DoD's top officials overseeing risk management implementation will walk us through the department's ongoing efforts, including progress made, challenges along the way and what lies ahead for IT security management in the military.

©2016 Sightline Media Group. All rights reserved.

Privacy Policy    Terms of Service