10 Concepts for a Thriving RMF Program

By Amanda Lowell, Security+ CE, RDRP

My friends and I joke that being in the field of cybersecurity is equivalent to searching for unicorns–achieving cybersecurity is a myth… Let me explain. The “cybersecurity” buzzword, as it is thrown around by executives today, is a myth. The concept of…

Post Categories: Risk Management, Risk Management Framework, RMF Training, Security Controls Implementation and Assessment

NIST SP 800-53: What’s the Delta from Rev. 4 to Rev. 5?

This blog excerpt is taken from our July 2023 newsletter. To view the rest of the newsletter, visit rmf.org/newsletter.

By Kathryn Daily, CISSP, CGRC (Formerly CAP), RDRP

NIST SP 800-53 (National Institute of Standards and Technology Special Publication 800-53) provides a set of security and privacy controls for information systems…

Post Categories: NIST 800-53, Risk Management Framework, Security Controls Implementation and Assessment, Supply Chain Risk Management

So, You Think You Can Practice RMF: Breaking into Cybersecurity as an RMF Practitioner

This blog excerpt is taken from our July 2023 newsletter. To view the rest of the newsletter, visit rmf.org/newsletter.

By Philip D. Schall, Ph.D., CISSP, RDRP

As a college professor and Director of Training at BAI RMF Resource Center, I often am approached by students of all ages asking how they…

Post Categories: Registered DoD RMF Practitioner (RDRP), Risk Management, Risk Management Framework, RMF Training

The RMF Hot Sauce Story

By Lon J. Berman, CISSP, RDRP

If you have attended a BAI training class you should have received a “special gift” from BAI – a bottle of “RMF Hot Sauce”. Naturally we hope you and your family or friends enjoyed our little spicy treat. Over the years, lots of people…

Post Categories: BAI Announcements

Ready for In-Person Classroom RMF Training?

By P. Devon Schall, Ph.D., CISSP

Tired of Microsoft Teams and Zoom meetings yet? As a trained instructional designer, online college professor, residential (in-person) college professor, and Director of Training at BAI RMF Resource Center, I am opinionated and passionate about pedagogy and training delivery methods. 2020 has been full…

Post Categories: RMF Training

NIST Rev. 5 Supplemental Materials

By Kathryn Daily, CISSP, CAP, RDRP

Back in September of last year (2020), NIST finally published the final version of Special Publication 800-53 Revision 5. Most notably, this revision incorporated privacy considerations in the security controls themselves rather than having separate control families for the privacy controls (e.g., AR, AP,…

Post Categories: NIST Privacy Framework

DFARS Compliance with CMMC/NIST SP 800-171

By Marilyn Fritz, CISSP, CISA, ITIL, PMP

The new DFARS Interim Rule that went into effect November 30, 2020 is a game changer for any entities that have or are pursuing Defense Industrial Base (DIB) contracts or subcontracts. Prior to the new Interim Rule, contractors and sub-contractors could self-attest that…

Post Categories: CMMC