Please report any problems to the Shared Tools Team at    Broken Links? Missing Macros? WIKI Retiring Plugins
Child pages
  • CDM Policy Meeting 2016-05-31
Skip to end of metadata
Go to start of metadata

Continuous Diagnostics and Mitigation Policy Stakeholders Team

May 31, 2016, 3:00-4:00, Rm 2281 CS

Wiki page:

Google Apps folder


  1. Agenda Review
  2. Review the revised team charter
    Handout: Revised Charter

    • Revised charter is OK.
    • We can proposed revisions in the future if we need to.
  3. Process overview: Review Bob's UW-MIST May 5th presentation, and the CDM Cycle diagram (adapted from NIST SP 800-137)
    Presentation (Jeff Savoy)
    Handout:  Presentation slides from CISO, and NIST diagram from CISO

    • It was noted that both NIST (ISCM) and Department of Homeland Security (CDM) mainly provide a high level description.
    • SANS provides more detailed guidance on critical security controls that need to be monitored.
  4. Review UW-MIST discussion results
    Handout: Discussion results (clustered) (Wiki login required)

    • Considerable discussion that lead to a number of possible recommendations the team could make. See the preliminary draft of the the recommendations, on UW Box.
    • We raised the possibility of producing interrim recommendations by end of July, in order to provide early input into the work on ATP implementation.
  5. Next steps
    QUESTION: Do we have enough data from the UW-MIST discussion results, or do we need to do further brainstorming?

    • For next meeting: 
      • It does not appear that we need to do additional brainstorming. We can start refining and adding to the recommendations we've already identified.
      • Gary will check with Jeff and Steve (co-chairs) to create the agenda for the next meeting.
    • Before next meeting:
      • TBD. Will communicate via the list, as needed.

Ground Rules

  1. Everyone must be treated respectfully, whether present or not.
  2. Everyone present who wants to speak on a topic must have a chance to speak.
  3. Attend more often than not, and review materials when you can't attend.
  4. Don't be shy, or worry about perception of an idea - we need open borders for these discussions.
  5. Let's park side issues or extensive detail for future work by this team, or others.

Future agenda items

  • Brainstorming
  • Identify major themes, prioritize
  • Start up between-meeting research on theme(s)
  • Work through a major theme (theme TBD)
  • Review draft recommendation language for the theme discussed at the previous meeting, start working through next major theme
    • continue for as many themes as there are (we have time for 4, maybe 5 major themes)
  • Review draft recommendataion language for final theme.
  • Review draft executive summary
  • Review the rest of the report.
  • Plan presentation to UW-MIST

Future Meetings

Parked Items

  • ...

Team Members

Steve Barnet (co-chair)ICECUBETomomi ImamuraCybersecurityCurt ShombergL&S MIS
Gary De Clute (facilitator)IT PolicyKalaichelvan JesuthasanHousingJustin VorelHuman Ecology
Dave De CosterCAEJeff Savoy (co-chair)CybersecuritySusan WeierL&S
Siggi EckhardtCybersecurityDan SimanekVCRGEJosh ZimmermanLibraries


File Size Creator Created Comment

CDM Discussion Brief to UW-MIST_Final_05May2016.pdf



May 24, 2016 15:04 2016-05-05 CDM Brief to UW-MIST (PDF)

CDM Discussion Brief to UW-MIST_Final_05May2016.pptx



May 24, 2016 14:33 2016-05-05 CDM Brief to UW-MIST

Continuous Diagnostics and Mitigation Cycle.docx



May 24, 2016 15:04 CDM Cycle Diagram from 2016-05-05 CDM Brief to UW-MIST




May 24, 2016 15:03 NIST SP 800-137 Information System Continuous Monitoring (a.k.a Continuous Diagnostics and Mitigation)


  • No labels