X-CGP-ClamAV-Result: CLEAN X-VirusScanner: Niversoft's CGPClamav Helper v1.25a (ClamAV 1.0.1/26889) Return-Path: Sender: To: CNI-ANNOUNCE Date: Thu, 27 Apr 2023 09:15:51 -0400 Message-ID: X-Original-Return-Path: Received: from [73.160.73.173] (account clifford@cni.org HELO [192.168.1.12]) by cni.org (CommuniGate Pro SMTP 6.2.15) with ESMTPSA id 40581745 for cni-announce@cni.org; Wed, 26 Apr 2023 23:03:23 -0400 X-Original-Date: Wed, 26 Apr 2023 23:03:23 -0400 From: Cliff Lynch X-Original-To: cni-announce@cni.org X-Original-Message-ID: <20230426230323100335.38719535@cni.org> Subject: Spring 2023 Meeting of National Academies Forum on Cyber Resilience MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailer: GyazMail version 1.7.1 On April 24-25 (this last Monday and Tuesday) I had an opportunity to watch the livestreams of the public segments of the Spring 2023 Meeting of the National Academies Forum on Cyber Resilience. This is a standing discussion forum that meets twice a year (as distinct from National Academies Committees which are convened to produce a study report), often with sessions focused on a single topic such as cryptographic agility; I've shared the outputs of some of these meetings with our community in the past. This spring the meeting covered a wide range of fascinating topics; you can find links to the recordings of the livestreams and the agenda for the meeting at https://www.nationalacademies.org/event/04-24-2023/spring-2023-meeting-of-the-forum-on-cyber-resilience Briefly, day 1 started with a summary and really informative discussion of the National Plan for an AI Research Resource; followed by a discussion of the current state of migration to post-quantum cryptographic systems (which included a lot of fascinating detail about the differing approaches of government agencies and the Internet Engineering Task Force). Day 1 concluded with a discussion of the characterization of cyberattacks on Ukraine, which contained a lot of information I hadn't seen before. Day 2 started with a discussion of recovery and restart mechanisms to regain control of potentially compromised systems, a very important and under-examined issue. It concluded with additional presentations on how Ukraine has been approaching cyber-resilience and what we may be able to learn from this. Clifford Lynch Director, CNI