DOCUMENT
CSRB Industry Day Brief FINAL 09202022.pdf
OVERVIEW
Original Source
Contract Opportunity
Related Opportunity
Related Agency
Posted
Sept. 20, 2022
Type
.pdf
Size
0.76MB
DOCUMENT PREVIEW
EXTRACTED TEXT
C I S A | C Y B E R S E C U R I T Y A N D I N F R A S T R U C T U R E S E C U R I T Y A G E N C Y
CYBER SAFETY REVIEW BOARD (CSRB)
VIRTUAL INDUSTRY DAY
SEPTEMBER 20, 2022
CISA Contracting Office
September 20, 2022
CISA CSRB Virtual Industry Day
CISA Stakeholder Engagement Division (SED) Virtual Industry Day
WELCOME!
20 September 2022
Hosted by:
CISA Contracting Office
Please ensure you sign in with your first name, last name and company name.
CISA Contracting Office
September 20, 2022
Agenda
Time
Topic
Speaker
10:00am -10:10am
Welcome and Introductions
Ms. Angel C. Rhone, CISA Contracting Office
10:10am - 10:15am
Ground Rules
Ms. Angel C. Rhone, CISA Contracting Office
10:15am 10:45am
Program Overview
10:45am 11:00am
PWS Overview
11:00am 11:15am
Break
Mr. Michael Clements, Associate Director, CISA SED Strategy,
Performance & Resources
Ms. Elizabeth Gauthier, Deputy Associate Director, CISA SED Council
Management Subdivision
11:15am 11:45am
CISA SED and CISA Contracting Office
11:45am 12:00pm
Way Forward
Ms. Angel C. Rhone, CISA Contracting Office
CISA Contracting Office
September 20, 2022
Ground Rules
Questions or comments may be submitted via the MS Teams chat icon. We will
make every effort to respond during the event.
Questions may also be submitted by email no later than September 27, 2022.
All questions and answers will be available within the original SAM.gov posting
approximately 15 days after the event.
Slides will be posted to the original SAM.gov notice.
Your feedback is important to us! Please take the time to complete the survey
included in the chat.
CISA Contracting Office
September 20, 2022
Disclaimer
The information we provide today reflects things as we know them today. Information
and details may change as the acquisition process moves forward.
Participation is not mandatory in order to participate in future CISA notices.
Attendance does not confer preference for contract award.
CISA Contracting Office
September 20, 2022
Industry Day Goals
To further the dialogue with industry and provide insight into the requirement
To aid in the market research process
To gather questions from industry
Questions from industry will be gathered during todays event. The questions and their
answers will be posted on SAM.gov
To encourage industry to be an active participant in the acquisition process
To allow industry to network and form teams
CISA Contracting Office
September 20, 2022
C I S A | C Y B E R S E C U R I T Y A N D I N F R A S T R U C T U R E S E C U R I T Y A G E N C Y
STAKEHOLDER ENGAGEMENT DIVISION
PROGRAM OVERVIEW
MR. MICHAEL CLEMENTS, ASSOCIATE DIRECTOR
CISA SED STRATEGY, PERFORMANCE & RESOURCES
CISA Contracting Office
September 20, 2022
CISA Divisions
CISAs Mission
CISA leads the national effort to understand,
manage, and reduce risk to our cyber and
physical critical infrastructure.
DIRECTOR
Jen Easterly
DEPUTY DIRECTOR
Nitin Natarajan
EXECUTIVE DIRECTOR
Brandon Wales
SED leads CISAs national and
international partnerships and
engagements while serving as the
agencys hub for the shared stakeholder
information that advances unified risk
reduction efforts.
CISA Contracting Office
September 20, 2022
8
CISA Priorities
The CISA Workforce Attract and retain world-class talent.
Partnerships Sustain trusted partnerships between government and private sector.
Federal Cybersecurity Reduce cybersecurity risk to the Federal Civilian Executive Branch.
Critical Infrastructure Security Bolster efforts to secure cyber, physical, and
communications critical infrastructure.
Industrial Control Systems (ICS) Maintain operational focus on ICS entities.
Soft Target Security Reduce risk and impact of attacks against soft targets and crowded
places.
Climate Resilience Support information sharing among federal, state, and local partners in
preparation for extreme climate events.
CISA Contracting Office
September 20, 2022
SED Leadership and Focus Areas
Alaina Clark
Assistant Director (AD)
Trent Frazier
Deputy AD
Sector Management
Sector Risk Management
Agency functions for eight
sectors
Council Management
National and CISA advisory
councils, cross-sector councils,
CIPAC compliance
CISA International
International capacity building,
collaboration, and information
sharing
Strategic Relations
Stakeholder engagement
strategy, outreach, campaigns,
data management
Stakeholder Engagement & Partnership Management
With private industry; federal, state, local, tribal, and territorial agencies; international entities; academia,
NGOs, and non-profit organizations
CISA Contracting Office
September 20, 2022
National and International Engagements &
Partnerships
Sector and Council Management
Facilitates collaborative efforts with public and
private partners to provide subject-matter
expertise in coordinating critical infrastructure
security and resilience efforts through sector-
specific, cross-sector, and advisory councils.
Stakeholder Associations
Cultivates relationships with partner
associations across federal and state, local
tribal, and territorial (SLTT) governments,
private sector industry, academia, non-profits,
and other organizations to support and amplify
the reach of CISA programs and policies.
CISA International
Identifies international opportunities for
leadership and program-level engagement.
Represents CISA in a variety of engagements
and communicates CISAs mission,
operational requirements, and activities with
international partners
Awareness Campaigns
Shares information with the general public
and other audiences, to garner whole
community support for cybersecurity,
infrastructure security, and emergency
communications.
CISA Contracting Office
September 20, 2022
Partnership & Advisory Councils
Cross-Sector Partnership Councils
CIC-SC
Federal Senior Leadership
Council
Critical Infrastructure Cross-
Sector Council
Regional Consortium
Coordinating Council
State, Local, Tribal and Territorial
Govt Coordinating Council
Presidential Advisory Councils
CISA Advisory Council
Review Board
National Infrastructure
Advisory Council
National Telecommunications
Advisory Committee
Cybersecurity Advisory
Committee
Cyber Safety
Review Board
C=CIPAC F=FACA O=Other
CISA Contracting Office
September 20, 2022
For more information:
www.cisa.gov/cyber-safety-review-board
CISA Contracting Office
September 20, 2022
C I S A | C Y B E R S E C U R I T Y A N D I N F R A S T R U C T U R E S E C U R I T Y A G E N C Y
PERFORMANCE WORK STATEMENT
OVERVIEW
MS. ELIZABETH GAUTHIER, DEPUTY ASSOCIATE DIRECTOR, CISA SED
COUNCIL MANAGEMENT SUBDIVISION
CISA Contracting Office
September 20, 2022
Cyber Safety Review Board (CSRB)
Established in 2021 in accordance with Executive Order (EO) 14028
Convenes following a significant cyber incident to analyze what happened and make
concrete recommendations for improving cybersecurity
CISA coordinating across DHS and other U.S. Government departments and agencies,
building a foundation included by-laws, operating documents, and member selection
process
Due to the sensitive nature of the subject matter involved, the Secretary exempts the CSRB
from Public Law 92-463, The Federal Advisory Committee Act (FACA), 5 U.S.C. App.
The CSRB shall review and assess, with respect to significant cyber incidents (as defined
under Presidential Policy Directive 41 (PPD-41), United States Cyber Incident Coordination,
of July 26, 2016) affecting Federal Civilian Executive Branch (FCEB) Information Systems
or non-Federal system:
threat activity,
vulnerabilities,
mitigation activities, and
agency responses.
CISA Contracting Office
September 20, 2022
Cyber Safety Review Board (CSRB)
The CSRB will be composed of no more than 20 standing members who are appointed by
the CISA Director.
Membership shall include at least one representative from the Department of Defense, the
Department of Justice, Department of Homeland Security (DHS), CISA, the National Security
Agency, and the Federal Bureau of Investigation.
A representative from the Office of Management and Budget shall participate in CSRB activities
when an incident under review involves FCEB Information Systems.
The CISA Director, in coordination with the DHS Under Secretary for Strategy, Policy and Plans,
shall appoint individuals from private sector entities to include appropriate cybersecurity or software
suppliers.
CISA hosted the inaugural meeting for newly appointed members on February 25, 2022, to
develop and discuss the Boards objectives and initial review of the Log4j vulnerability. The
board consists of federal and private sector members.
Current CSRB Chair Robert Silvers, DHS Under Secretary for Policy
Current CSRB Deputy Chair Heather Adkins, Vice President, Security Engineering, Google
CISA Contracting Office
September 20, 2022
Task Area One: Program Management
Provide expertise in developing, supporting and coordinating project timelines and milestones for the
Cyber Safety Review Board.
Provide recommendations for strategic improvements regarding management and operations of the
Board (membership criteria, process flows, etc.).
Support Board activities, including administrative and logistical support for meetings.
Provide cybersecurity subject matter expertise on a variety of topics in support of Board activities.
Conduct background research and analysis in support of Board activities, to include consolidation,
analysis, and/or editing of technical materials such as reports of research findings, technical articles,
news releases, standard operating procedures, guidance documents, and regulations.
CYBER SAFETY REVIEW BOARD (CSRB)
VIRTUAL INDUSTRY DAY
SEPTEMBER 20, 2022
CISA Contracting Office
September 20, 2022
CISA CSRB Virtual Industry Day
CISA Stakeholder Engagement Division (SED) Virtual Industry Day
WELCOME!
20 September 2022
Hosted by:
CISA Contracting Office
Please ensure you sign in with your first name, last name and company name.
CISA Contracting Office
September 20, 2022
Agenda
Time
Topic
Speaker
10:00am -10:10am
Welcome and Introductions
Ms. Angel C. Rhone, CISA Contracting Office
10:10am - 10:15am
Ground Rules
Ms. Angel C. Rhone, CISA Contracting Office
10:15am 10:45am
Program Overview
10:45am 11:00am
PWS Overview
11:00am 11:15am
Break
Mr. Michael Clements, Associate Director, CISA SED Strategy,
Performance & Resources
Ms. Elizabeth Gauthier, Deputy Associate Director, CISA SED Council
Management Subdivision
11:15am 11:45am
CISA SED and CISA Contracting Office
11:45am 12:00pm
Way Forward
Ms. Angel C. Rhone, CISA Contracting Office
CISA Contracting Office
September 20, 2022
Ground Rules
Questions or comments may be submitted via the MS Teams chat icon. We will
make every effort to respond during the event.
Questions may also be submitted by email no later than September 27, 2022.
All questions and answers will be available within the original SAM.gov posting
approximately 15 days after the event.
Slides will be posted to the original SAM.gov notice.
Your feedback is important to us! Please take the time to complete the survey
included in the chat.
CISA Contracting Office
September 20, 2022
Disclaimer
The information we provide today reflects things as we know them today. Information
and details may change as the acquisition process moves forward.
Participation is not mandatory in order to participate in future CISA notices.
Attendance does not confer preference for contract award.
CISA Contracting Office
September 20, 2022
Industry Day Goals
To further the dialogue with industry and provide insight into the requirement
To aid in the market research process
To gather questions from industry
Questions from industry will be gathered during todays event. The questions and their
answers will be posted on SAM.gov
To encourage industry to be an active participant in the acquisition process
To allow industry to network and form teams
CISA Contracting Office
September 20, 2022
C I S A | C Y B E R S E C U R I T Y A N D I N F R A S T R U C T U R E S E C U R I T Y A G E N C Y
STAKEHOLDER ENGAGEMENT DIVISION
PROGRAM OVERVIEW
MR. MICHAEL CLEMENTS, ASSOCIATE DIRECTOR
CISA SED STRATEGY, PERFORMANCE & RESOURCES
CISA Contracting Office
September 20, 2022
CISA Divisions
CISAs Mission
CISA leads the national effort to understand,
manage, and reduce risk to our cyber and
physical critical infrastructure.
DIRECTOR
Jen Easterly
DEPUTY DIRECTOR
Nitin Natarajan
EXECUTIVE DIRECTOR
Brandon Wales
SED leads CISAs national and
international partnerships and
engagements while serving as the
agencys hub for the shared stakeholder
information that advances unified risk
reduction efforts.
CISA Contracting Office
September 20, 2022
8
CISA Priorities
The CISA Workforce Attract and retain world-class talent.
Partnerships Sustain trusted partnerships between government and private sector.
Federal Cybersecurity Reduce cybersecurity risk to the Federal Civilian Executive Branch.
Critical Infrastructure Security Bolster efforts to secure cyber, physical, and
communications critical infrastructure.
Industrial Control Systems (ICS) Maintain operational focus on ICS entities.
Soft Target Security Reduce risk and impact of attacks against soft targets and crowded
places.
Climate Resilience Support information sharing among federal, state, and local partners in
preparation for extreme climate events.
CISA Contracting Office
September 20, 2022
SED Leadership and Focus Areas
Alaina Clark
Assistant Director (AD)
Trent Frazier
Deputy AD
Sector Management
Sector Risk Management
Agency functions for eight
sectors
Council Management
National and CISA advisory
councils, cross-sector councils,
CIPAC compliance
CISA International
International capacity building,
collaboration, and information
sharing
Strategic Relations
Stakeholder engagement
strategy, outreach, campaigns,
data management
Stakeholder Engagement & Partnership Management
With private industry; federal, state, local, tribal, and territorial agencies; international entities; academia,
NGOs, and non-profit organizations
CISA Contracting Office
September 20, 2022
National and International Engagements &
Partnerships
Sector and Council Management
Facilitates collaborative efforts with public and
private partners to provide subject-matter
expertise in coordinating critical infrastructure
security and resilience efforts through sector-
specific, cross-sector, and advisory councils.
Stakeholder Associations
Cultivates relationships with partner
associations across federal and state, local
tribal, and territorial (SLTT) governments,
private sector industry, academia, non-profits,
and other organizations to support and amplify
the reach of CISA programs and policies.
CISA International
Identifies international opportunities for
leadership and program-level engagement.
Represents CISA in a variety of engagements
and communicates CISAs mission,
operational requirements, and activities with
international partners
Awareness Campaigns
Shares information with the general public
and other audiences, to garner whole
community support for cybersecurity,
infrastructure security, and emergency
communications.
CISA Contracting Office
September 20, 2022
Partnership & Advisory Councils
Cross-Sector Partnership Councils
CIC-SC
Federal Senior Leadership
Council
Critical Infrastructure Cross-
Sector Council
Regional Consortium
Coordinating Council
State, Local, Tribal and Territorial
Govt Coordinating Council
Presidential Advisory Councils
CISA Advisory Council
Review Board
National Infrastructure
Advisory Council
National Telecommunications
Advisory Committee
Cybersecurity Advisory
Committee
Cyber Safety
Review Board
C=CIPAC F=FACA O=Other
CISA Contracting Office
September 20, 2022
For more information:
www.cisa.gov/cyber-safety-review-board
CISA Contracting Office
September 20, 2022
C I S A | C Y B E R S E C U R I T Y A N D I N F R A S T R U C T U R E S E C U R I T Y A G E N C Y
PERFORMANCE WORK STATEMENT
OVERVIEW
MS. ELIZABETH GAUTHIER, DEPUTY ASSOCIATE DIRECTOR, CISA SED
COUNCIL MANAGEMENT SUBDIVISION
CISA Contracting Office
September 20, 2022
Cyber Safety Review Board (CSRB)
Established in 2021 in accordance with Executive Order (EO) 14028
Convenes following a significant cyber incident to analyze what happened and make
concrete recommendations for improving cybersecurity
CISA coordinating across DHS and other U.S. Government departments and agencies,
building a foundation included by-laws, operating documents, and member selection
process
Due to the sensitive nature of the subject matter involved, the Secretary exempts the CSRB
from Public Law 92-463, The Federal Advisory Committee Act (FACA), 5 U.S.C. App.
The CSRB shall review and assess, with respect to significant cyber incidents (as defined
under Presidential Policy Directive 41 (PPD-41), United States Cyber Incident Coordination,
of July 26, 2016) affecting Federal Civilian Executive Branch (FCEB) Information Systems
or non-Federal system:
threat activity,
vulnerabilities,
mitigation activities, and
agency responses.
CISA Contracting Office
September 20, 2022
Cyber Safety Review Board (CSRB)
The CSRB will be composed of no more than 20 standing members who are appointed by
the CISA Director.
Membership shall include at least one representative from the Department of Defense, the
Department of Justice, Department of Homeland Security (DHS), CISA, the National Security
Agency, and the Federal Bureau of Investigation.
A representative from the Office of Management and Budget shall participate in CSRB activities
when an incident under review involves FCEB Information Systems.
The CISA Director, in coordination with the DHS Under Secretary for Strategy, Policy and Plans,
shall appoint individuals from private sector entities to include appropriate cybersecurity or software
suppliers.
CISA hosted the inaugural meeting for newly appointed members on February 25, 2022, to
develop and discuss the Boards objectives and initial review of the Log4j vulnerability. The
board consists of federal and private sector members.
Current CSRB Chair Robert Silvers, DHS Under Secretary for Policy
Current CSRB Deputy Chair Heather Adkins, Vice President, Security Engineering, Google
CISA Contracting Office
September 20, 2022
Task Area One: Program Management
Provide expertise in developing, supporting and coordinating project timelines and milestones for the
Cyber Safety Review Board.
Provide recommendations for strategic improvements regarding management and operations of the
Board (membership criteria, process flows, etc.).
Support Board activities, including administrative and logistical support for meetings.
Provide cybersecurity subject matter expertise on a variety of topics in support of Board activities.
Conduct background research and analysis in support of Board activities, to include consolidation,
analysis, and/or editing of technical materials such as reports of research findings, technical articles,
news releases, standard operating procedures, guidance documents, and regulations.
Show All