Center for Development of Security Excellence Training

Share

This site, powered by the Department of Defense, Defense Counterintelligence and Security Agency (DCSA), offers training in some key areas of security. CDSE provides diverse security courses and products to DOD personnel, DOD contractors, employees of other federal agencies, and selected foreign governments. Training is presented through a variety of learning platforms and is streamlined to meet performance requirements and accommodate the busy schedules of today’s students.

Posted in:

Leave a Comment (0) →

Cybersecurity Compliance (and CMMC)

Share
  1. Learn about NIST 800-171 requirements (currently applicable to all levels of DoD contractors including – including lower tier subcontractors): https://csrc.nist.gov/publications/detail/sp/800-171/rev-2/final
  2. Learn about Cybersecurity Maturity Model Certification (CMMC):
  3. Follow the CMMC AB (accreditation body) for news: https://cmmcab.org/
  4. TO BE COMPLIANT:
    • Contact your local APEX Accelerator counselor to make sure you understand how it applies to you and the process. Virginia clients email apex@gmu.edu if you don’t know your counselor.
    • Create a System Security Plan (SSP) – template available on link #1 above from NIST
    • If applicable create a Plan of Action and Milestones (POAM) – template available on link #1 from NIST (look under Documentation)
    • Perform your Basic (self) Assessment against NIST 800-171 – instructions and documents available on link #1 above from NIST (look under documentation)
    • Publish your results from the NIST 800-171 Basic (self) Assessment into the Supplier Performance Risk Management System (SPRS): https://www.sprs.csd.disa.mil/ and review FAQ: https://www.sprs.csd.disa.mil/faqs.htm#nist
    • If applicable, locate an official Certified 3rd Party Assessment Organization (C3PAO) to perform a CMMC 2.0 level 2 assessment (get multiple quotes on the open market to see how much it will cost for the assessment): https://cmmcab.org/marketplace/

Other resources:

Posted in:

Leave a Comment (0) →

US-CERT

Share

United States Computer Emergency Readiness Team (US-CERT) is part of the Department of Homeland Security. US-CERT serves as a centralized hub of coordination and information sharing between federal organizations and their mission includes providing boundary protection for the federal civilian executive domain and cybersecurity leadership. See here for how it can be helpful: https://ics-cert.us-cert.gov/

Posted in:

Leave a Comment (0) →