By, Kathryn Daily, CISSP, CGRC, RDRP Over a decade ago NIST published the Cybersecurity Framework as a base set of standards, guidelines, and best practices to manage cybersecurity risks for...
Continue Reading
by Lon J. Berman, CISSP, RDRP The year 2020 will be remembered for lots of things, not the least of which was the “great toilet tissue shortage.” Who can forget...
Continue Reading
As of 4:30 eastern time, I was able to login to RMF Knowledge Service. Hopefully it’s back for good.
Well as you probably know if you're here, RMF Knowledge Service has been down for several months for unknown reasons. This morning the page loaded, and presented a login option,...
Continue Reading
Are you going to Technet Augusta? So are we! (Did we just become best friends? 👫) Come see us at booth 216. We will have informational handouts, RMF hot sauce, and maybe a funny joke. 🥳
A reader who calls herself “Cleanup Mode” writes: Dear Dr. RMF, I have recently taken over responsibility for a couple of systems and the RMF packages are a mess! I’m trying to make some sense out of how they handled the STIGs and it just makes no sense to me….
A reader who calls himself “Between a Rock and a Hard Place” writes: Dear Dr. RMF, My unit is in the early stages of our RMF efforts for a new information system and we are having a little bit of a “debate” about which “version” of the RMF controls we…
by Lon J. Berman, CISSP, RDRP Those of us who have worked with government information systems for a number of years have come to realize the wheels of change turn very slowly – but they do turn! Case in point – DoD adoption of NIST Special Publication (SP) 800-53 Rev…
This blog excerpt is taken from our April 2023 newsletter. To view the rest of the newsletter, visit rmf.org/newsletter. By Kathryn Daily, CISSP, CGRC (Formerly CAP), RDRP As some may have heard, SCAP Compliance Checker (SCC) has lost funding from DISA as of the end of FY22 and as a…
This blog excerpt is taken from our April 2023 newsletter. To view the rest of the newsletter, visit rmf.org/newsletter. By: Devon Schall, Ph.D., CISSP On March 30th, I had the opportunity to attend the primary conference day for Information Systems Security Association (ISSA) Colorado Springs Cyber Focus Week hosted at…