T3 Webinar Overview
Applying the NIST Cybersecurity Framework to Connected Vehicle Deployments
Date: Wednesday, February 26, 2020
Time: 1:00 PM - 2:30 PM ET
Cost: All T3 webinars are free of charge.
PDH: 1.5 View PDH Policy
T3 and T3e Webinars are brought to you by the Intelligent Transportation Systems (ITS) Professional Capacity Building (PCB) Program of the U.S. Department of Transportation’s (USDOT) ITS Joint Program Office (JPO). References in this webinar to any specific commercial products, processes, or services, or the use of any trade, firm, or corporation name is for the information and convenience of the public, and does not constitute endorsement, recommendation, or favoring by the USDOT.
Background
To support the emerging deployment of connected vehicle (CV) deployments across the U.S., ITS JPO sponsored the creation of Cybersecurity Framework Profiles. The Connected Vehicle Profile provides consistent cybersecurity guidance for deployers of CV environments. The profile is based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), which is voluntary guidance based on existing standards, guidelines, and practices for organizations to better manage and reduce cybersecurity risk. In addition to helping organizations manage and reduce risks, it was designed to foster risk and cybersecurity management communications among both internal and external organizational stakeholders. This webinar will explain the benefits of the profile and how to use it.
There will be a follow-up webinar on March 10, 2020 that will focus on cybersecurity and how it relates to privacy. Additional information will be available soon.
Target Audience
The target audience includes ITS and CV practitioners and researchers, State and local departments of transportation, and others with an interest in managing cybersecurity risks in CV deployments.
Learning Objectives
The objectives of the webinar are to provide the audience with:
- A better understanding of the benefits of the NIST CSF.
- Guidance on how to develop a cybersecurity profile for CV deployments.
- Some examples of how the framework was applied to the CV pilots and the Ann Arbor CV environment.
Host
Ray Resendes, Principal Technical Advisor, Electronics Engineer, Volpe National Transportation Systems Center, USDOT
Mr. Resendes has over 25 years of experience in ITS and transportation safety. He specializes in the areas of CVs and vehicle automation and transportation cybersecurity. He is currently a Principal Technical Advisor for the USDOT’s Volpe National Transportation Systems Center, which helps the transportation community navigate its most challenging problems by anticipating and addressing emerging issues and advancing technical, operational, and institutional innovations across all modes.
Ray was formally the Executive Director of the Virginia Tech Transportation Institute (VTTI) National Capital Region, where he managed the Virginia Connected and Automation Test Bed. He was the Chief of Advanced Vehicle Safety Research at the National Highway Traffic Safety Administration (NHTSA), where he created the CV program. Ray previously led the Intelligent Vehicle Initiative and Automated Highway Systems programs for ITS JPO. He received a BS in Electrical and Computer Engineering from the University of Buffalo in 1987 and an MS in Administration from Central Michigan University in 1990.
Presenters
Julie Snyder, Principal and Privacy Domain Capability Area Lead, MITRE National Cybersecurity Federally Funded Research and Development Center (FFRDC)
Ms. Snyder is a Principal and the Privacy Domain Capability Area Lead for the MITRE National Cybersecurity Federally Funded Research and Development Center (FFRDC). She provides privacy and cybersecurity risk management support to defense, intelligence community, and civilian Federal agencies and critical infrastructure industries in the U.S. as well as cybersecurity readiness support to the Government of Japan for the Tokyo 2020 Olympics. In FY18-19, Julie played a leadership role for the National Cybersecurity Center of Excellence (NCCoE) team that supported the Volpe Center in developing cybersecurity and privacy guidance for connected vehicle programs. Julie has also supported development of government security and privacy standards, including NIST SP 800-37, Rev 2, the anticipated NIST SP 800-53, Rev 5, and NIST SP 800-150, as well as the Committee on National Security Standards (CNSS) instruction for protecting personally identifiable information (PII) in information systems (CNSSI No. 1253 Privacy Overlays), and various CSF profiles. In recent years, Julie served as a speaker at NIST’s CSF workshops and facilitator at Privacy Framework workshops. Julie earned her BBA in Information and Operations Management (MIS) from Texas A&M University, is a member of the International Association of Privacy Professionals (IAPP) Professional Faculty, and holds the Certificate in Investment Performance Measurement (CIPM), CIPP/G (U.S. Government), CIPP/US (U.S. private sector), and Certified Information Privacy Technologist (CIPT) certifications.
David Weitzel, MS, JD, CIPP/G/US, Cybersecurity Standards & Policy Principal, NIST NCCoE FFRDC
Mr. Weitzel is a Cybersecurity Principal for MITRE’s National Cybersecurity Federally Funded Research and Development Center (NCF) supporting the NIST NCCoE. Currently, David is coordinating a team developing a series of Cyber Security Framework Profiles in the maritime, oil, and natural gas industries; election systems; and intelligent transportation systems. Prior to his current project, Mr. Weitzel worked with industry to develop a use case for health care security and privacy concerning medical devices and was the NCF Organizational Conflicts of Interest Officer. Prior to his return to MITRE, Mr. Weitzel was a Director in the Washington Federal Practice of PricewaterhouseCoopers and a Senior Principal at Mitretek Systems (now Noblis). Mr. Weitzel is a regular speaker on cybersecurity and the intersection of policy and technology. He is the co-author of the Federal privacy law chapter of the International Association of Privacy Professionals book on government privacy. He is a co-chair of the American Bar Association’s (ABA’s) Privacy and Computer Crime Committee and the project chair of several cybersecurity books published by the ABA. He received his BA at St. John’s College, his MS at Johns Hopkins University, and his JD at The Catholic University of America, Columbus School of Law. He is a member of the Virginia Bar and is an IAPP CIPP/G/US.