Join Us for Our June Chapter Meeting on Tuesday, June 17, 2025 at 6:30 PM ET

We’re excited to welcome Jim Wiggins, a seasoned IT and cybersecurity expert, as our featured speaker for this month’s chapter meeting.

Using Generative AI to Support the RMF Process

Abstract
The Risk Management Framework (RMF), as outlined by NIST, remains a cornerstone of cybersecurity compliance across federal agencies and contractors. However, the RMF process is often seen as time-consuming, documentation-heavy, and labor-intensive. With the rapid emergence of Generative AI (GenAI), cybersecurity professionals now have an opportunity to reimagine how RMF tasks can be executed with greater speed, consistency, and quality.

This presentation—designed for a practitioner-level audience of cybersecurity professionals—examines how GenAI can be pragmatically applied to support and streamline each phase of the RMF lifecycle. Attendees will be guided through concrete use cases demonstrating how GenAI tools can assist with:

Generating and refining system security documentation (SSPs, POA&Ms, SARs)
Tailoring and mapping security controls based on system categorization
Assisting with control assessments and continuous monitoring narratives
Automating compliance evidence generation and cross-referencing
Enhancing audit readiness with intelligent summarization and tagging

The session will include demonstrations of prompt engineering techniques, real-world tool integrations, and examples drawn from public sector environments. Special attention will be given to challenges such as model accuracy, data security, and alignment with NIST guidance and federal mandates.

By the end of the session, attendees will walk away with a clear understanding of where GenAI fits into the RMF process today, what use cases are achievable without compromising integrity, and how to responsibly adopt these capabilities within their own cyber programs.

Speaker

Jim Wiggins is a seasoned IT and cybersecurity expert with over 28 years of industry experience, 23 of which have been dedicated to information security. He is the Founder and CEO of Securible, LLC, a Washington, DC-based cybersecurity training and consulting firm specializing in practical, forward-thinking solutions.

Through Securible, Jim has championed innovative approaches to address emerging threats, ensure regulatory compliance, and harness the power of Artificial Intelligence in IT audit, cybersecurity, governance and privacy. Throughout his distinguished career, Jim has trained well over 20,000 IT and cyber professionals, underscoring his commitment to education and the advancement of the field.

In addition to his leadership at Securible, Jim also serves as the Founder and CEO of the Federal IT Security Institute (FITSI), a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI provides role-based cybersecurity certifications designed to fortify the U.S. federal cybersecurity workforce.

Enhancing his contributions to the cybersecurity community, Jim hosts a TV show in the Washington, DC area called Cybersecurity Today. The program offers expert
insights, in-depth analysis, and the latest updates on cybersecurity trends and threats, further establishing his role as a prominent thought leader in the industry. Recognized as a Federal 100 award recipient in 2019 and the Federal Information Systems Security Educators’ Association (FISSEA) “Educator of the Year” in 2011, Jim is widely respected for his commitment to elevating cybersecurity education.

In the rapidly evolving arena of Artificial Intelligence (AI), Jim has directly trained well over 1,000 IT and cyber professionals on generative AI fundamentals through intensive sessions with the Department of the Interior’s University, the Defense Information Systems Agency (DISA), the National Risk Management Center
(NRMC) within CISA, and the Greater Washington DC Chapter of ISACA. He leverages AI-driven tools such as ChatGPT, Gemini, Dalle, Midjourney, and Copilot to translate complex concepts into practical, governance-focused applications.

Below is the list of credentials Jim currently holds:
• Cybersecurity: CISM, CISA, CRISC, CDPSE, CISSP, ISSEP, CGRC (CAP), SCNA, SCNP, IAM, IEM, SSCP, CEH, ECSA, CHFI, LPT, TICSA, CIWSA, Security+, and FITSP-M.
• Information Technology: MCITP, MCSE: Security, MCSE: Messaging, MCSA, MCDST, Server+, Network+, A+.
• Project Management: PMP (Project Management Professional).
• Education: ICE-CCP (I.C.E. Certified Credentialing Professional).

Jim is currently working on a Master’s Degree in Education from George Washington University with a concentration in Assessment, Testing, and
Measurement (sometimes called psychometrics).

Registration is required to attend this session. Don’t miss it!