Introduction
- What is the SSP?
- The Hardware & Software Lists
- Network Topology
- Security Controls
- People-Process- Technology Triad
- System Security Plan Quiz
What you'll learn
- Understand the principles of developing a System Security Plan (SSP) to meet federal contract requirements for NIST 800-171
- Be able to formulate and assemble the artifacts needed to complete an SSP for federal contract professionals
- Be able to support small to medium businesses to effectively submit a complete NIST-based SSP to meet contract requirements
Description
There are 110 explicit security controls from NIST 800-171, revision 1, extracted from NIST’s core cybersecurity document, NIST 800-53, Security and Privacy Controls for Federal Information Systems and Organizations, that are considered vital. This is a highly pared down set of controls for the purposes of Industry’s requirements to meet federal government cybersecurity contracting requirements. There are over 1000 potential controls offered from NIST 800-53 revision 4; this more expansive set of controls is used extensively by DOD to protect its IT systems from its jet-fighters to its vast personnel databases.
This SSP is based upon the NIST and National Archives and Records Administration (NARA) templates and provides a greater clarification to the company or agency representative, business owner, and their IT staff. This book is intended to focus business owners and their IT support staff on what is required to create and complete a System Security Plan (SSP) that sufficiently meets the NIST 800-171, revision 1, requirements. Companies need to focus on a “good faith” effort on how to best address these controls to the government—and, it more importantly will help the business protect its own sensitive data and Intellectual Property (IP).
The University of Sheffield
Other Courses
Fiverr Course - Complete Fiverr Freelancing Course
The Complete Course for learn Fiverr Freelancing In One course 100% Practically in English in 2024
Beginners Binary Options Training Course
Learn The Fundamentals of Trading Binary Options
Basic PHP Development with Bootstrap, GitHub and Heroku
Learn to develop a basic PHP application using Bootstrap 4, upload to source control and publish to the web with Heroku
How To Maximize Your Leadership
If you want to learn how to be a leader then this course is for you!
How To Automate Your Business Social Media!
Discover how to automate social media for your business. Free social media management tools for novice to professionals!
About the instructors
- 4.41 Calificación
- 11176 Estudiantes
- 2 Cursos
MARK RUSSO
Cybersecurity Expert @
Dr. Russo is currently the Senior Information Security Engineer within the Department of Defense’s (DOD) F-35 Joint Strike Fighter program. He has an extensive background in Cybersecurity and is an expert in the Risk Management Framework (RMF) and DOD Instruction 8510, which implement RMF throughout the DOD and federal government. He holds a Certified Information Systems Security Professional (CISSP) certification and a CISSP in information security architecture (ISSAP). He has a 2017 Chief Information Security Officer (CISO) certification from the National Defense University, Washington, DC. He retired from the US Army Reserves in 2012 as the Senior Intelligence Officer.
He is the former CISO at the Department of Education. In 2016, he led the effort to close over 95% of the outstanding US Congressional and Inspector General cybersecurity shortfall weaknesses spanning as far back as five years.
In 2011, Dr. Russo was certified by the Office of Personnel Management as a Senior Executive Service Candidate program graduate.
From 2009 through 2011, Dr. Russo was the Chief Technology Officer of the Small Business Administration (SBA). He led a team of over 100 IT professionals in supporting an intercontinental Enterprise IT infrastructure and security operations spanning 12 time zones; he deployed cutting-edge technologies to enhance SBA’s business and information-sharing operations supporting the small business community. Dr. Russo was the first-ever Program Executive Officer (PEO)/Senior Program Manager in the Office of Intelligence & Analysis at Headquarters, Department of Homeland Security (DHS), Washington, DC. Dr. Russo was responsible for developing and deploying secure Information and Intelligence support systems for OI&A, including software applications and systems to enhance the DHS mission. During his tenure at DHS, he was responsible for the program management development lifecycle.
He holds a Master of Science from the National Defense University in Government Information Leadership with a concentration in Cybersecurity and a Bachelor of Arts in Political Science with a minor in Russian Studies from Lehigh University. He holds Level III Defense Acquisition certification in Program Management, Information Technology, and Systems Engineering. He has been a member of the DOD Acquisition Corps since 2001.
Student feedback
4.45
Course Rating
Reviews
Varun Vora
23-04-2024
good
Muhammad Jamal
23-03-2024
yes
Rehan Kamal
19-06-2023
Poor presentation, poor recording quality, not much insight into the subject, waste of time.