Cybersecurity Risk Management Webinars
The Commonwealth of Virginia and GENEDGE webinar series for 2017 has ended, but feel free to review recorded audio recordings or view PDFs of each presentation. In the recorded webinar series below, you will discover ways to improve your Cybersecurity posture and use a risk management approach to mitigate your total losses due to cyber attacks.
Recorded topics include:
- What Your Management Needs to Know,
- Where to Get Help with Cybersecurity,
- Elements of a Cybersecurity / Information Security Plan,
- DFARS compliance and more!
Webinar: DEFEND CUI Program Webinar Recap / April 5, 2022
Are you aware of the new wording in your contracts? Are you safeguarding your CUI? Do you have a security plan? No? We can help you. Check out the video above - Recap of the DEFENDCUI-VA Program - and listen as Dave Bartlow, DEFENDCUI-VA Program Manager, provides more information about it.
Webinar: CMMC 2.0 Updates / January 11, 2022
Webinar: DoD Suppliers – Keeping Up With Changing CUI Cybersecurity Requirements /June 23, 2020
Cyber (In)Security: What Business Leaders Need to Know / Session One – July 12, 2017
Cyber (In)Security: Where to Get Help / Session Two – July 26, 2017
Cyber (In)Security: Tips on What to Do Now & Cybersecurity Fundamentals / Session Three – August 9, 2017
Cyber (In)Security: A Risk Management Approach to Improve Security Posture and Prioritize Mitigation Efforts / Session Four – August 23, 2017
Cyber (In)Security: Securing the Internet of Things and Industrial Control Systems & Cyber Apprenticeship / Session Five – September 13, 2017
Cyber (In)Security: Elements of a Cybersecurity Information Security Plan: How and Why You Need One / Session Six – September 27, 2017
GENEDGE Cybersecurity Framework Flyer
Links to Online Resources
Why Is Cybersecurity Important?
"Why Is Cybersecurity Important" published by Grand Canyon University. This guide defines what cybersecurity is and its importance to our daily lives. It also outlines the job market in cybersecurity and why you should consider getting a job in the cybersecurity industry.
Department of Defense Cybersecurity Certification Requirements for Suppliers
General Cyber Resources
- Centers of Excellence
- FCC Cyber Planner
- NIST Computer Security Resource Center
- Federal Trade Commission Business Center
DOD FAR and DFARS
- Department of Defense (DOD) Office of Small Business Programs
- NIST MEP Self-Assessment for NIST SP800-171 Requirements to meet DFARS Cybersecurity compliance
- Controlled Unclassified Information CUI Definitions
- NIST latest primer
- Via Colorado MEP / Video overview on DFARS 7012 Compliance:
- FAR 52.204-21 (15 Basic Security Controls)
- DFARS 225.204-7012 (110 Security Controls) includes the NIST SP 800-171 specs
Department of Homeland Security
- Department of Homeland Security (DHS)
- For critical infrastructure every day to provide energy, water, transportation, financial systems:
DISA – Defense Information Systems Agency
- Joint Information Environment
- Cyber Security/Information Assurance Program
When accessing this link select “Advanced” and then accept the site.
- External Certificate Authority Program
(for third parties to to securely communicate with the DOD and authenticate to DOD Information Systems)
Industrial Controls Cyber Security
- The National Cybersecurity and Integration Center (NCCIC), a division of the Department of Homeland Security’s Office of Cybersecurity and Communications (DHS CS&C)
- Strategy for Securing Control Systems (PDF)
- SCADAhacker.com – Library of Resources
- NIST Cybersecurity Framework Manufacturing Profile (PDF)
- U.S. Department of Commerce – National Institute of Technology
- NIST Cyber Framework
- NIST National Cybersecurity Center of Excellence
- NIST/DHS Vulnerabilty Database
- NIST SPECs: NIST SP 800-53 Security and Privacy Controls for Federal Information Systems and Organizations (PDF)
- NIST SP 800-171 Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations
- 2016 Cost of Data Breach Study: Global Analysis (June 2016)
Benchmark research sponsored by IBM and independently conducted by Ponemon Institute LLC.
The SANS Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals around the world. A range of individuals from auditors and network administrators, to chief information security officers are sharing the lessons they learn and are jointly finding solutions to the challenges they face.