By Kathryn Daily, CISSP, CAP, RDRP Recently our regional grocery store chain notified their employees and customers that they had a data breach involving some HR data and pharmacy records. The breach was caused by a vulnerability in the Accellion file sharing system which the grocery chain immediately stopped using. As I was perusing the…
By Lon J. Berman, CISSP, RDRP More than ten years ago, RMF came into existence with the intention of becoming the “unified information security framework for the federal government”. With widespread adoption of RMF throughout most federal civil agencies, DoD components and intelligence community agencies, it is safe to say that goal has been met.…
By Philip D. Schall, Ph.D., CISSP, RDRP At IT Dojo, we often have conversations with our students on the topic of taking formal classroom RMF training. In the modern digital landscape, we are able to learn about and complete projects we never thought possible twenty years ago through free online resources. The internet has enabled…
Below is a list of upcoming Guaranteed to Run Cisco classes running in Live Remote Online format that are coming up. If you are interested, please reach out to Nick@itdojo.com. Details and pricing provided upon request. CLCOR: Implementing Cisco Collaboration Core Technologies 02-22 to 02-26 ENWLSD: Designing Cisco Enterprise Wireless Networks 03-01 to 03-05 SDWADV: Cisco SD-WAN…
By Lon J. Berman, CISSP, RDRP Q. The Risk Management Framework (RMF) life cycle is comprised of how many steps? A. Oh, that’s easy, it’s six. Well … not so fast. As you probably know, the Risk Management Framework (RMF) has always been described as a six step process, to wit: 1-Categorize, 2- Select, 3-Implement,…
By Kathryn Daily, CISSP, CAP, RDRP Back in September of last year (2020), NIST finally published the final version of Special Publication 800-53 Revision 5. Most notably, this revision incorporated privacy considerations in the security controls themselves rather than having separate control families for the privacy controls (e.g., AR, AP, IP, etc.). This is a…
By Marilyn Fritz, CISSP, CISA, ITIL, PMP The new DFARS Interim Rule that went into effect November 30, 2020 is a game changer for any entities that have or are pursuing Defense Industrial Base (DIB) contracts or subcontracts. Prior to the new Interim Rule, contractors and sub-contractors could self-attest that they met DoD cybersecurity requirements…