Forums are held 2-3 times / year and are FREE and OPEN TO THE PUBLIC; registration is required.
ABOUT:
Cyber risk has become a topic of core strategic concern for business and government leaders worldwide and is an essential component of an enterprise risk management strategy. The Software and Supply Chain Assurance Forum (SSCA) provides a venue for government, industry, and academic participants from around the world to share their knowledge and expertise regarding software and supply chain risks, effective practices and mitigation strategies, tools and technologies, and any gaps related to the people, processes, or technologies involved.
The effort is co-led by the National Institute of Standards and Technology (NIST), the Department of Homeland Security (DHS), the Department of Defense (DoD), and the General Services Administration (GSA). Participants represent a diverse group of career professionals including government officials, chief information security officers, those in academia with cybersecurity and supply chain specialties, system administrators, engineers, consultants, vendors, software developers, managers, analysts, specialists in IT and cybersecurity, and many more fields.
SSCA forums are held 2-3 times/year and are free and open to all interested parties.
While the general intent is to share information, the SSCA Forum also offers government and private sector participants, including international participants, an opportunity to openly collaborate by presenting and receiving feedback on current and potential future work. Most events are two to three days long and contain a mixture of discussion and presentation; interaction is always strongly encouraged. To encourage open interaction, SSCA Forum meetings operate under the Chatham House Rule, meaning “participants are free to use the information received, but neither the identity nor the affiliation of the speaker(s), nor that of any other participant, may be revealed,” though many speakers allow NIST to post their presentations on this website.
To receive information about upcoming meetings and related publications and activities, please sign up for the sw.assurance Google Group - operated by NIST- here: https://groups.google.com/a/list.nist.gov/forum/#!forum/sw.assurance
HISTORY:
The forum, initially called the Software Assurance (SwA) Forum and Working Groups, was initiated in 2003 as a Department of Homeland Security (DHS)-sponsored Cross-Sector Cyber Security Working Group (CSCSWG) established under auspices of the Critical Infrastructure Partnership Advisory Council (CIPAC) that provides legal framework for public-private collaboration and participation. Its purpose was to bring together a stakeholder community to protect the Nation’s key information technologies, most of which are enabled and controlled by software. Over time, the community evolved and broadened the scope to include additional focus on the supply chain. Events were held quarterly; Summer and Winter sessions were intended for working group-type discussions while the Spring and Fall sessions were reserved for more traditional forum presentations.
PAST EVENTS:
As of 2014, the Forums are operated under the Chatham House Rule, meaning “participants are free to use the information received, but neither the identity nor the affiliation of the speaker(s), nor that of any other participant, may be revealed”. On occasion, a speaker may wish to provide their slides to the group, in which case links to those presentations will be embedded in the corresponding agendas here:
Spring 2019: May 8-9, 2019
Winter 2018: December 18-19, 2018
Fall 2018: September 26-27, 2018
Spring 2018: May 1-2, 2018
Winter 2017: December 12-13, 2017
Summer 2017: August 29-30, 2017
Spring 2017: March 15-17, 2017
Winter 2016: December 13-15, 2017
Fall 2016: October 4-5, 2016
Summer 2016: July 13-15, 2016
Spring 2016: March 8-9, 2016
Winter 2015: December 1-3, 2015
Fall 2015: August 31-September 1, 2015
Summer 2015: June 2-4, 2015
Spring 2015: March 9-11, 2015
Winter 2014: December 15-18, 2014
Fall 2014: September 24-25, 2014
Summer 2014: June 9-11, 2014
Spring 2014: March 18-20, 2014
Agendas and presentations for events prior to 2014 are not available.
Summer 2013: June 25-27, 2013
Spring 2013: March 5-7, 2013
Fall 2012: September 18-20, 2012
Summer 2012: June 26-28, 2012 (Part 2)
Summer 2012: June 26-28, 2012 (Part 1)
Spring 2012: March 26-29, 2012
Winter 2011: November 28-December 2, 2011
Fall 2011: September 12-16, 2011
Spring 2011: February 28-March 4, 2011
Winter 2010: December 14-16, 2010
Summer 2010: June 21-23, 2010