Sender: <cgplmgr@cni.org>
To: CNI-ANNOUNCE
Date: Thu, 27 Apr 2023 09:15:51 -0400
Message-ID: <redirect-40582927@cni.org>
From: Cliff Lynch <cliff@cni.org>
Subject: Spring 2023 Meeting of National Academies Forum on Cyber Resilience
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

On April 24-25 (this last Monday and Tuesday) I had an opportunity to watch the livestreams of the public segments of the Spring 2023 Meeting of the National Academies Forum on Cyber Resilience. This is a standing discussion forum that meets twice a year (as distinct from National Academies Committees which are convened to produce a study report), often with sessions focused on a single topic such as cryptographic agility; I've shared the outputs of some of these meetings with our community in the past.

This spring the meeting covered a wide range of fascinating topics; you can find links to the recordings of the livestreams and the agenda for the meeting at

https://www.nationalacademies.org/event/04-24-2023/spring-2023-meeting-of-the-forum-on-cyber-resilience

Briefly, day 1 started with a summary and really informative discussion of the National Plan for an AI Research Resource; followed by a discussion of the current state of migration to post-quantum cryptographic systems (which included a lot of fascinating detail about the differing approaches of government agencies and the Internet Engineering Task Force). Day 1 concluded with a discussion of the characterization of cyberattacks on Ukraine, which contained a lot of information I hadn't seen before. 

Day 2 started with a discussion of recovery and restart mechanisms to regain control of potentially compromised systems, a very important and under-examined issue. It concluded with additional presentations on how Ukraine has been approaching cyber-resilience and what we may be able to learn from this. 

Clifford Lynch
Director, CNI