By P. Devon Schall, M.S., MA.Ed. CISSP, RDRP Over the past few months, I have heard rumblings of something called “RMF 30- Day Sprint”. It came up initially during an RMF for DoD IT training I taught in Virginia Beach, and it was pitched as a new program to grant…
By Kathryn Daily, CISSP, CAP, RDRP NIST has announced the development of a Privacy Framework. The framework is needed to ensure the ability to design, operate, or use technologies in ways that are observant of various privacy needs in a progressively connected and complicated environment. It is expected to help…
By Lon J. Berman CISSP, RDRP Thanks to the work of the Joint Task Force, RMF is now the official information security life cycle process across all three “segments” of the Executive Branch, i.e., DoD, federal civil agencies, and the intelligence community. It’s now been 4 ½ years since DoD…
By P. Devon Schall, CISSP, RDRP During a recent RMF literature search, I came across an interesting article titled “RMF Applied to Modern Vehicles”. The article was published by Charlie McCarthy and Kevin Harnett in 2014 and sponsored by the National Highway Traffic Safety Administration (NHTSA). The overall goal of…
By P. Devon Schall, M.S., MA.Ed. CISSP, RDRP On April 3rd and April 4th, I attended the Armed Forces Communications and Electronic Association (AFCEA) annual industry event titled AFCEA Belvoir Industry Days hosted at The Gaylord National Harbor in Maryland. The Belvoir chapter supports the Fort Belvoir community by connecting…
By Lon J. Berman, CISSP, RDRP NIST 800-53, and specifically Security Control CM-6, requires an organization to Establish and document configuration settings for information technology products employed within the information system using [Assignment: organizationdefined security configuration checklists] that reflect the most restrictive mode consistent with operational requirements; Implement the configuration…
By Lon J. Berman, CISSP, RDRP The Defense Security Service (DSS) serves as an interface between the government and cleared industry. DSS administers and implements the National Industrial Security Program (NISP) by providing oversight and assistance to cleared contractor facilities to ensure the protection of classified information. In short, if…
By P. Devon Schall, CISSP, RDRP With the addition of Step 0 to the RMF life cycle (a preparation step that BAI has been preaching for years which is now being implemented in SP 800-37 Rev. 2), we decided to make this month’s top ten list based on preparation. Preparation…
By Kathryn Daily, CISSP, RDRP If you heard a whooshing sound on New Year’s Eve, that was probably the deadline for compliance with NIST 171 flying by. A lot of you might be asking “What is NIST 171?” NIST 171 is a set of requirements documented in the NIST Special…
By Lon J. Berman, CISSP, RDRP BAI has recently expanded its training program to include training for the Certified Information Systems Security Professional (CISSP) credential. Beginning in February 2018, we are offering an intensive five-day course designed to prepare students for the CISSP certification exam. CISSP is an internationally recognized…
