Navigating the Risk Management Framework (RMF) for DoD and Government Agencies

In today’s tech-driven world, safeguarding sensitive data and critical systems is a top priority, especially for government agencies, including the Department of Defense (DoD). They handle vast amounts of sensitive information, making the Risk Management Framework (RMF) an essential part of their cybersecurity strategy. In this article, we’ll take a dive into RMF, what it’s…

NIST SP 800-53: WHAT’S THE DELTA FROM REV. 4 TO REV. 5?

BY KATHRYN DAILY, CISSP, CGRC (FORMERLY CAP), RDRP NIST SP 800-53 (National Institute of Standards and Technology Special Publication 800-53) provides a set of security and privacy controls for information systems and organizations. It was initially developed by NIST thanks to the E-Government Act of 2002, or more specifically, the Federal Information Security Management Act…

Risk. What to Do With It.

By Kathryn Daily, CISSP, CAP, RDRP Recently our regional grocery store chain notified their employees and customers that they had a data breach involving some HR data and pharmacy records. The breach was caused by a vulnerability in the Accellion file sharing system which the grocery chain immediately stopped using. As I was perusing the…

Guaranteed to Run Live Remote Online Cisco Classes

Below is a list of upcoming Guaranteed to Run Cisco classes running in Live Remote Online format that are coming up.  If you are interested, please reach out to Nick@itdojo.com.  Details and pricing provided upon request. CLCOR: Implementing Cisco Collaboration Core Technologies     02-22 to 02-26 ENWLSD: Designing Cisco Enterprise Wireless Networks   03-01 to 03-05 SDWADV: Cisco SD-WAN…

Welcome, Step 0

By Lon J. Berman, CISSP, RDRP Q. The Risk Management Framework (RMF) life cycle is comprised of how many steps? A. Oh, that’s easy, it’s six. Well … not so fast. As you probably know, the Risk Management Framework (RMF) has always been described as a six step process, to wit: 1-Categorize, 2- Select, 3-Implement,…

NIST Rev. 5 Supplemental Materials

By Kathryn Daily, CISSP, CAP, RDRP Back in September of last year (2020), NIST finally published the final version of Special Publication 800-53 Revision 5. Most notably, this revision incorporated privacy considerations in the security controls themselves rather than having separate control families for the privacy controls (e.g., AR, AP, IP, etc.). This is a…