Do You Have Documented CyberSecurity Training For 2023?
Annual CyberSecurity Training Is Required
Posted December 5, 2023 by Jack Anderson
Certified Cybersecurity Experts
CISSP (Certified Information Systems Security Professional) “Earning the CISSP proves that you have what it takes to effectively design, implement, and manage a best-in-class cybersecurity program.” www.isc2.org
Posted December 12, 2022 by Jack Anderson
DIBCAC Medium Assessment (Desk Audit)
Desk audit is an interim compliance method between self assessment and on-site audit.
Posted June 28, 2022 by Jack Anderson
System Security Plan (SSP) Checklist
A defensible SSP is a collection of documents providing detailed information about the current level of cybersecurity compliance in your organization. It should include at least these documents:
- Configuration Form Using DLA Template
- Cybersecurity Incident Response Form
- Site Data Summary Form
- Safeguards Listing Form
- Policies and NIST Safeguards
- Risk Assessment
- CUI Cybersecurity Compliance Report
- DoDAM Report
- POAM
- NIST 800-171 Compliance Report
- NIST Security Rule Compliance Report
Posted May 29, 2022 by Jack Anderson
Civil-Cyber Fraud Initiative and HIPAA
The Department of Justice has launched the Civil-Cyber Fraud Initiative with a focus on HIPAA.
Posted February 7, 2022 by Jack Anderson
Why You Need Quarterly SSPs (System Security Plan)
SSP is critical for documenting compliance
Posted January 31, 2022 by Jack Anderson
Simple Analysis of Changes In DOD Cybersecurity
CMMC 2.0 is the future, but the present is all about DFARS and Posting on SPRS
Posted December 30, 2021 by Jack Anderson
SPRS Requires DoDAM, POAM, SSP
What is needed to post on the SPRS site.
Posted July 13, 2021 by Jack Anderson