CastleLock
United States
Joined 31 Jan 2020
How Do I Assess NIST 800-171 Control 3.1.3?
James Hill & Coby Pennington discuss all the dirty details around assessing that CUI Flow referred to in NIST 800-171 Control 3.1.3.
Views: 438
Videos
How to Master NIST 800-171 Assessment Scope
3.9K views, 2 years ago
The release of the CMMC Scoping guide introduces official guidance on how to scope your information system to protect CUI and implement cyber security controls. James and Coby step the audience through the practical application of this guide and review how various controls like NIST 800-171 3.1.3 would be impacted by scope. Check Out Our Last Master Class Video: ua-cam.com/video/LCSB73ajVHc/v-d...
The Master Class: Understanding The Assessment methodology for NIST 800-171
452 views, 2 years ago
Join CastleLock's James Hill & Coby Pennington for the master class on assessing your environment against:
- NIST 800-171 controls
- DFARS 252.204-7012 clauses
- Identifying CUI in your environment
Links referenced in video: www.hivesystems.io/password-table
How to: Determine Your NIST 800-171 SPRS Score
4.1K views, 2 years ago
Do you need assistance demonstrating your compliance with NIST 800-171? Follow along as Chief Compliance Officer Coby Pennington walks us through using all the resources necessary to determine your organization's SPRS score! Resources from video: SPRS Calculator clchannelcontent.s3.us-east-2.amazonaws.com/CastleLock_DoD_Scoring_Methodologyv1.1-Shared.xlsx Sample SSP: clchannelcontent.s3.us-east-2....
How to: FIPS - Assessing FIPS 140-2 & FIPS 140-3 Certificates
2.2K views, 2 years ago
Follow along as we walk you through assessing FIPS 140-2 & FIPS 140-3 certificates: The Federal Information Processing Standard (FIPS) 140-2 & FIPS 140-3 is a U.S. government standard that defines minimum security requirements for cryptographic modules in information technology products and systems. Testing against the FIPS 140-2 & FIPS 140-3 standards is maintained by the Cryptographic Module ...
Controlled Unclassified Information (CUI) - KNOW YOUR DATA!
594 views, 2 years ago
While awareness of the Cybersecurity Maturity Model Certification (CMMC) is widespread in the Defense Industrial Base (DIB), the Government’s Controlled Unclassified Information (CUI) program is poorly understood by defense contractors.
CMMC 2.0 Everything You Need to Know
3.4K views, 2 years ago
Listen in as Cybersecurity Compliance Experts, CastleLock® Senior Partner James Hill & Chief Compliance Officer Coby Pennington, offer their perspective regarding the details surrounding DoD's recent CMMC 2.0 update as well as the items Contractors should be focused on right now.
- DFARS 252.204 7012
- DFARS 252.204 7019
- DFARS 252.204 7020
- NIST SP 800-171
Link to Supplier Platform Risk Score (S...
Webinar - The Cybersecurity Maturity Model Certification (CMMC) 1.0
8K views, 4 years ago
In this Webinar, CastleLock Chief Compliance Officer Coby Pennington and Chief Technology Officer James Hill discuss the newly released DoD Cybersecurity Maturity Model Certification v1.0 framework. Built primarily on NIST SP 800-171 and DFARS 252.204-7012, the CMMC addresses the shortcomings of the current Safeguarding Requirements the DoD has in place for sharing and protectio...
How Does the Cybersecurity Maturity Model Certification (CMMC) Certification Process Work?
118 views, 4 years ago
Why is Multi-factor Authentication (MFA) so important for reducing Cybersecurity Risk?
67 views, 4 years ago
How Do We Prepare for Cybersecurity Maturity Model Certification?
31 views, 4 years ago
Every company providing services to the Department of Defense will be impacted by the Cybersecurity Maturity Model Certification (CMMC). This rollout will take several years and there is still more to be learned as the CMMC Accrediting Body trains organizations how to assess CMMC. Join Coby Pennington, Chief Compliance Officer at CastleLock, as he covers steps you can take now to prepare! Not on...
How do we assess Cybersecurity Maturity Model Certification (CMMC) Readiness?
23 views, 4 years ago
What do we need to do to achieve a Level 1 Cybersecurity Maturity Model Certification (CMMC)?
169 views, 4 years ago
What is CMMC Level 1? In this video, CastleLock’s Chief Compliance Officer, Coby Pennington, introduces us to the Cybersecurity Maturity Model Certification Level 1. This is the minimum requirement to do business with the Department of Defense and exactly matches the 15 controls called out in FAR 52.204-21 and 17 of the NIST SP 800-171r1 controls. Companies that wish to do business with the Depa...
What are the consequences of not being CMMC certified?
15 views, 4 years ago
What is Cybersecurity Maturity Model Certification (CMMC)?
42 views, 4 years ago
This really helped to understand NIST better, thank you for sharing.
Are you guys still around? I can't seem to get to your website.
Same issue here.
Hey, can you provide the right contact information to connect with you?
Nice job gents!
Excellent information. Thank you.
Excellent, useful, and accurate information for CMMC. Thank you!
You folks have great info but none of your links work.
Thank you. I think I fixed the links. Let me know.
@castlelock6875 yessss. Thanks a lot.
None of your links work and I'd really like to use the SSP tool.
The tool should be available.
@castlelock6875 Thanks a lot. How high of a score do you need to get a DoD Contract?
I'm not in the 100s
@karvtek You are not alone. I know of vendors with lower scores that have been awarded DoD Contracts. I think the most important thing to take away from this exercise is that you are compliant with the clause and your POA&M, SSP and SPRS are accurate and up to date. Also, don't neglect the other parts of the 7012 clause, make sure you get that medium assurance cert and know how to report incidents.
@castlelock6875 OK, thank you. I didn't know about the 7012 but will look into it. Right now I'm trying to get my JCP.
These have been really great. Could you do one on how to build/format the System Security Plan?
Gordon, thanks for the feedback. As a first step to building an SSP, take a look at our free template. castlelock.com/wp-content/uploads/2022/04/System-Security-Plan-SSP-Template-Document-v1.3.a-1.docx
Great examples! Thank you.
Glad you liked it!
I am a brand-new Jr. cyber analyst and really appreciate your breakdown with visuals to help me better understand how to begin to implement NIST 800-171.
Thanks, this is perfect.