- What is the SSP?
- The Hardware & Software Lists
- Network Topology
- Security Controls
- People-Process-Technology Triad
- System Security Plan Quiz
There are 110 explicit security controls from NIST 800-171, revision 1, extracted from NIST’s core cybersecurity document, NIST 800-53, Security and Privacy Controls for Federal Information Systems and Organizations, that are considered vital. This is a highly pared down set of controls for the purposes of Industry’s requirements to meet federal government cybersecurity contracting requirements. There are over 1000 potential controls offered from NIST 800-53 revision 4; this more expansive set of controls is used extensively by DOD to protect its IT systems from its jet-fighters to its vast personnel databases.
This SSP is based upon the NIST and National Archives and Records Administration (NARA) templates and provides a greater clarification to the company or agency representative, business owner, and their IT staff. This book is intended to focus business owners and their IT support staff on what is required to create and complete a System Security Plan (SSP) that sufficiently meets the NIST 800-171, revision 1, requirements. Companies need to focus on a “good faith” effort on how to best address these controls to the government—and, it more importantly will help the business protect its own sensitive data and Intellectual Property (IP).
Strategies for turning difficult conversations into opportunities to attain business goals and reduce team issues.
TOR: What, How, When & Why? How to Become Anonymous in 2017?
"A great introduction to four of Googles most popular tools - Gmail, Google Drive, Google Docs and Google Calendar"
Selenium Automation Testing | Selenium Java | Selenium Automation with Java | Selenium Testing for beginners
Learn the skills that Microsoft want you to know in Excel 2019. Prepare for the MOS specialist certification MO-200.
About the instructors
- 3.74 Calificación
- 6709 Estudiantes
- 2 Cursos
Cybersecurity Expert @ Udemy
Mr. Russo is currently the Senior Information Security Engineer within the Department of Defense's (DOD) F-35 Joint Strike Fighter program. He has an extensive background in cybersecurity and is an expert in the Risk Management Framework (RMF) and DOD Instruction 8510 which implements RMF throughout the DOD and federal government. He holds both a Certified Information Systems Security Professional (CISSP) certification and a CISSP in information security architecture (ISSAP). He holds a 2017 certification as a Chief Information Security Officer (CISO) from the National Defense University, Washington, DC. He retired from the US Army Reserves in 2012 as the Senior Intelligence Officer.
He is the former CISO at the Department of Education where in 2016 he led the effort to close over 95% of the outstanding US Congressional and Inspector General cybersecurity shortfall weaknesses spanning as far back as five years.
Mr. Russo is the former Senior Cybersecurity Engineer supporting the Joint Medical Logistics Development Functional Center of the Defense Health Agency (DHA) at Fort Detrick, MD. He led a team of engineering and cybersecurity professionals protecting five major Medical Logistics systems supporting over 200 DOD Medical Treatment Facilities around the globe.
In 2011, Mr. Russo was certified by the Office of Personnel Management as a graduate of the Senior Executive Service Candidate program.
From 2009 through 2011, Mr. Russo was the Chief Technology Officer at the Small Business Administration (SBA). He led a team of over 100 IT professionals in supporting an intercontinental Enterprise IT infrastructure and security operations spanning 12-time zones; he deployed cutting-edge technologies to enhance SBA’s business and information sharing operations supporting the small business community. Mr. Russo was the first-ever Program Executive Officer (PEO)/Senior Program Manager in the Office of Intelligence & Analysis at Headquarters, Department of Homeland Security (DHS), Washington, DC. Mr. Russo was responsible for the development and deployment of secure Information and Intelligence support systems for OI&A to include software applications and systems to enhance the DHS mission. He was responsible for the program management development lifecycle during his tenure at DHS.
He holds a Master of Science from the National Defense University in Government Information Leadership with a concentration in Cybersecurity and a Bachelor of Arts in Political Science with a minor in Russian Studies from Lehigh University. He holds Level III Defense Acquisition certification in Program Management, Information Technology, and Systems Engineering. He has been a member of the DOD Acquisition Corps since 2001.
The description is good and simple. However, the volume of the course and some background noises are not helpful to stay engaged. Dynamics examples would help for a better understand
My only complaint is that it is dated (2017/2018) so that revisions to SP 800-171 are not available and there is no mention of CMMC.
Excellent course to prep you to understand the NIST RMF tenants.
good information provided.