
Continuous Diagnostics and Mitigation Policy Stakeholders Team

Dec 07, 2016, 3:00-4:00, Rm 2281 CS

Wiki page: https://wiki.doit.wisc.edu/confluence/display/POLICY/CDM+Policy

UW Box folder.

Agenda

  1. Agenda Review & Notes from previous meeting.
     
  2. Discussion of "Policy and Procedures" theme
    Handout: CDM Policy Recommendations (email from Steve)
      
    Action:
    • In the policy and procedures:
      • Include material from "Guidance for Initial Implementation of Advanced Threat Protection". That document is an interim solution until policy and procedures are in place, so it addresses many policy issues.
      • The Cybersecurity Data Management Plan will address detailed issues such as collection, access, business use, storage, transmission, monitoring, retention, archive, disposal, etc. for CDM data. Policy and/or Procedures can reference that plan.
      • The other recommendations of the CDM Team can contribute material:
        • Services
          • Many policy issues are mentioned in the outline.
        • Operations (already drafted)
          • Many policy issues are mentioned.
        • Staffing and Resources
          • Policy and procedures need to be cognizant of resource limitations.
        • Decision-making (a.k.a. governance) (already drafted)
          • Policy and procedures need to establish a decision-making process.
      • Be sure to include:
        • Ability to reference the raw data from your own unit
        • Text that discusses the importance of understanding the limits of what is possible, and keeping expectations in line with available resources.
          • Is intended to provide support for distributed IT staff who might be expected to do too much by a risk executive who is not closely enough connected to their IT operation.
        • Avoid collecting data that we won't actually use; on the flip side, only collect what we can actually use, and keep it only as long as we need it for that use.
    • Make the initial review period for the policy 6 months (rather than one year, which is more typical for a new policy).
      • After the policy has been around for a while, can move to a one-year review, and eventually to the usual two-year review period.
    • Sent the team a couple of example policies that have substantive implementation procedures, so the team can get an idea of what policy and procedures of that kind look like.
    • Team will get to review the draft proposal and draft policy before wider review (i.e. before UW-MIST, the 'TAG's, etc.) to assure that the drafts are consistent with team recommendations, or to hear why it varies from that, if necessary.
            
  3. Meeting schedule:
    1. Do we want to meet on Dec 21?
        
    2. QUESTION 1: Two meetings are currently scheduled in Jan, on the 11th and the 18th.
      (They are only one week apart to avoid having a meeting too soon after the holidays.)
        
      QUESTION 2: Would you prefer to meet on Jan 4th instead of Jan 11th?
        
    3. Deliver final draft of report to UW-MIST on Feb 02.
      
    Action:
    • We will not meet on the 21st.
    • We will meet on the 11th and 18th as originally scheduled.
    • We will deliver the final report to UW-MIST on Feb 02.
       
  4. Review of first draft of the report, which includes the Operations and Governance themes.
    Handout: Draft report, v2016-12-03a
       
    Action:
    • Gary will schedule a meeting of the services sub-team, ASAP, to draft the services recommendations
    • Gary will draft the policy recommendations, and the staffing and resources recommendation.
    • Governance and Operations recommendation language is drafted. Please review.
    • Executive summary is drafted. Please review. Will be updated as recommendation language changes.
    • All drafts need to be ready by Jan 09. (Two days before our next meeting.)
           
  5. Next steps

    Action:
    • Before next meeting:
      • Look over proposed language in more detail.
      • Send edits or ideas to Gary. 
      • Send ideas for appendices to support the recommendations.
      • Deadline Jan 09.
          
    • For next meeting:
      • Review of full draft of report
          
    • Further out:
      • Attend Jan 05 UW-MIST meeting, if practical. There will be ATP project status, and/or other info on ATP and CDM.
      • Plan to deliver final draft of report to UW-MIST on Feb 02.

Ground Rules

  1. Everyone must be treated respectfully, whether present or not.
  2. Everyone present who wants to speak on a topic must have a chance to speak.
  3. Attend more often than not, and review materials when you can't attend.
  4. Don't be shy, or worry about perception of an idea - we need open borders for these discussions.
  5. Let's park side issues or extensive detail for future work by this team, or others.

Future agenda items

  • Review full draft language for the report (12/21, might need to reschedule into January)
  • Review draft of report (the result of proposed changes needs to be very close to the final draft) (01/11)
  • Final discussion on the report. Approve final draft report (01/18)
  • Plan presentation to UW-MIST (01/18)

Future Meetings

Parked Items

  • ...

Team Members

Member | Dept | Member | Dept | Member | Dept
Steve Barnet (co-chair) | ICECUBE | Tomomi Imamura | Cybersecurity | Curt Shomberg | L&S MIS
Gary De Clute (facilitator) | IT Policy | Kalaichelvan Jesuthasan | Housing | Justin Vorel | Human Ecology
Dave De Coster | CAE | Jeff Savoy (co-chair) | Cybersecurity | Susan Weier | L&S
Siggi Eckhardt | Cybersecurity | Dan Simanek | VCRGE | Josh Zimmerman | Libraries

Attachments

File | Size | Creator | Created | Comment
CDM Final Report to UW-MIST-v2016-12-03a(draft).docx | 718035 | GARY W DECLUTE | Dec 05, 2016 12:17 | 2016-12-03 version Rev a
cdm Policy recommendations.pdf | 14657 | GARY W DECLUTE | Nov 07, 2016 14:11 |
