Chapter Business Meeting Slides: 2019-09-25-Meeting-Presentation.pdf
Topic: .govCAR: Threat Based Cyber Capability Review
The Cybersecurity and Infrastructure Security Agency (CISA) developed the .govCAR methodology to take a threat-based approach to cybersecurity risk management. .govCAR represents an evolution in managing cybersecurity —an advancement from the traditional consequence (compliance) and vulnerability (cyber hygiene) based approaches. This next-generation approach looks at cybersecurity capabilities the same way an adversary does to directly identify areas where mitigations should be applied for best defense. .govCAR creates opportunities for organizations to make their own threat-informed risk decisions and develop a prioritized approach to reducing risk to known threats. .govCAR is vendor agnostic and does not evaluate specific vendors or products.
The speaker will walk the audience through the concept of threat based architecture reviews and will discuss how cybersecurity threat framework and architectural cybersecurity capabilities come together to allow organizations to improve their cybersecurity posture.
Speaker: Branko S. Bokan, Department of Homeland Security
Branko Bokan is a Cybersecurity specialist with the Cybersecurity and Infrastructure Security Agency (CISA) at the Department of Homeland Security (DHS). In his role, Branko assists federal agencies to adopt the .govCAR methodology. A proud holder of all three ISC2 CISSP concentrations (ISSAP, ISSEP, ISSMP), Branko also teaches cybersecurity as an adjunct professor at a local university.