Colorado Rocky Mountain Chapter - ACP
Connect with your colleagues
  • Home
  • About ACP
    • Meet the CRMC Board
    • ACP-CRMC Bylaws
    • National ACP
    • Contact the Chapter
  • Join ACP!
  • News
  • Events
    • Upcoming Events
    • Past Meetings >
      • 2023 >
        • April 2023
      • 2022 >
        • February 2022
      • 2021 >
        • July 2021
        • June 2021
        • May 2021
        • April 2021
        • March 2021
        • February 2021
        • January 2021
      • 2020 >
        • October 2020
        • September 2020
        • August 2020
        • July 2020
        • June 2020
        • May 2020
        • April 2020
        • March 2020
        • February 2020
        • January 2020
      • 2019 >
        • January 2019
        • February 2019
        • May 2019
        • June 2019
        • July 2019
        • October 2019
        • November 2019
      • 2018 >
        • January 2018
        • February 2018
        • March 2018
        • April 2018
        • May 2018
        • June 2018
        • July 2018
        • August 2018
        • October 2018
      • 2017 >
        • January 2017
        • February 2017
        • June 2017
    • Calendar
  • Industry
  • Resources & Training
    • Expo & Training
  • Jobs
  • Chapter Sponsors
  • April 2023

May 2021 Chapter Meeting
​
Deconstructing the FUDD Chain:
NIST Risk Management Framework

If you are in the DRBC profession, you are very familiar with the propensity for the industry to use acronyms.  Within the Cyber community, even more so!  Our speaker for May, Jennifer Kurtz, is an expert on the topic of Cyber continuity (and all the acronyms!), and she shared her expertise with our members and guests.  Her presentation covered the basics of the NIST (National Institute of Science and Technology) Risk Management Framework (RMF), with extensive coverage of the FUDD (Fear, Uncertainty, Doubt, and Disinformation) affecting those of us who plan, prepare, test, exercise, and respond to natural or manmade disasters.
 
Jennifer discussed the relationship of Cyber events with other types of hazards to which the Risk Management Framework approach is applied. Cyber has led the news stories in recent days:
  • The “Darkside” attack on the 5.5K pipeline in the eastern US extracted a $4.4M payout; some demands exceed $25M
  • The Conti ransomware group has targeted 16 US healthcare and first responder networks
  • Hackers steal files and encrypt servers and workstations, then set up an online portal to collect payments; stolen data is sold or posted publicly if the ransom demands are not paid
 
Jennifer reviewed the seven steps within the RMF and outlined the tools and equipment needed for the practice.
 
Jennifer also provided an example of a Cloud Consumer Bill of Rights and included a matrix of top cyber security industry resources.
  • Cloud Computing Bill of Rights
  • Cyber Security Resource Matrix
 

Speaker:
Jennifer Kurtz is cyber program director for Manufacturer's Edge, Colorado's NIST manufacturing extension partner. She also participates in the following:
  • NIST MEP Cybersecurity Steering Group (Manufacturing Extension Partnership Program)
  • Colorado Cybersecurity Leaders Collaborative
  • Consultant with the Denver Metro and Pikes Peak SBDCs (Small Business Development Centers)
  • Cybersecurity industry advisory group for Arapahoe Community College
  • Board member of the Colorado Rocky Mountain Chapter of the Association of Continuity Professionals
  • Faculty member at Ball State University and Regis University.
She is author of Hacking Wireless Access Points: Cracking, Tracking, and Signal Jacking (Elsevier/Syngress: 2016) and the data leakage prevention (DLP) technology chapter of The Data Breach and Encryption Handbook (ABA: 2011). She has written numerous articles and book chapters on cybersecurity, eGovernment, and women in technology.
 
Jennifer was a member of the National Security Council Staff, the Council on International Economic Policy, and the US Arms Control and Disarmament Agency. She holds an MBA and PMP certification, as well as a BA in international studies from The American University in Washington, DC.



​© 2022 Association of Continuity Professionals - Colorado Rocky Mountain Chapter