ConvoCourses

Cyber Security Compliance and IT Jobs

nist

Convocourses podcast: RMF Course Updates New NIST 53

June 23, 2021 by pinay one

Sign up for free at http://convocourses.com for deeper dives.  

Many more videos on https://www.youtube.com/convocourses

short videos at https://www.tiktok.com/@convocourses?lang=en

and https://www.instagram.com/convocourses/

https://www.facebook.com/ConvoCourses-108091850619388

Podcast version of the content:

https://podcasts.apple.com/us/podcast/convocourses/id1500188278

http://www.nist80037rmf.com/google_podcast

Filed Under: convocourses, NIST Controls, NIST Security Framework, podcast Tagged With: convocourses, Convocourses podcast: RMF Course Updates New NIST 53, nist, rmf

NIST RMF 800 and Privacy

March 24, 2021 by cyberaware2


Control interpretation is something that I get asked about a lot. When I was teaching another organization all over the world I would get this question a lot. I was teaching DIACAP, which is an older DoD version of Risk Management Framework, and would get that question often because the security controls are sometimes hard to understand. It's the way they word them. It's the main job of an ISSO and can be difficult.

We have created a course that interprets the security controls:
https://securitycompliance.thinkific.com/courses/rmf-isso-security-controls-documentation

Privacy is a big part of the NIST 800-37 and 800-53.

Privacy is a huge concern of mine that the US and some other governments around the world are not really taking seriously, and it's just unfortunate. I've actually been developing another free course about it to show people how to protect themselves.

Filed Under: Risk Management For DoD IT Tagged With: nist, NIST RMF 800, privacy

Data Security Analyst State of Colorado denver RMF NIST JOB

February 1, 2020 by cyberaware2

Check out the course:
http://convocourses.com

Check out the job:
Job Details:
Job title: Data Security Analyst (0000076025)
Location: Denver, #Colorado(80203)
Estimated Duration: 01/13/2020 – 09/30/2020

Job Description:
Reports to the Director of Security Risk and Compliance or Delegate to perform activities for the oversight of the risk and compliance program.
Perform activities to reduce vulnerabilities for the overall enterprise risk management program.
Performs duties to facilitate confidentiality, integrity, and availability of systems to protect data from unauthorized users.
May require a bachelor’s degree in area of specialty and at least 5 years or more of risk management, experience working in a complex environment, and assessment of internal controls.
Has knowledge of commonly-used concepts, practices, and procedures in accordance with the #NIST #RMF (risk management framework).
The specialized individual must have previous experience with implementing an enterprise risk management (ERM) framework and applicable certifications such as CISSP, CISA, or CISM.
In addition, experience working with a Governance Risk and Compliance tool is highly desired, but not a must-have.
This individual should be a self-starter, able to provide consultative advice and able to work autonomously.

Thanks,
Have a wonderful day!!
Maddy |Technical Recruiter | Email: v.madhuri@softpath.net
Direct: 678 783 7352| Ext. 522 | Softpath System LLC | 3985 Steve Reynolds Blvd | Bldg C Norcross GA 30093 www.softpath.net
Linkedin: https://www.linkedin.com/in/maddy-johnson-270220136/

Filed Under: information system compliance, IT Security Jobs Tagged With: CISSP, colorado, denver, enterprise risk management (ERM), nist, risk managment framework, rmf, state

STIG Update – Windows 10 Support Dates and Information

October 2, 2017 by Bruce Brown

Every Windows product has a lifecycle. The lifecycle begins when a product is released and ends when it’s no longer supported. Knowing key dates in this lifecycle helps you make informed decisions about when to upgrade or make other changes to your software. Below are the dates for Windows 10 lifecycle support:

Windows 10 version 1507  – May 9, 2017

Windows 10 version 1511 – October 10, 2017

Windows 10 version 1607  – Tentatively March 2018

Windows 10 version 1703  – Tentatively September 2018

Windows 10 Version v1511 will become unsupported on 10 October 2017 at which time it will become a CAT I severity to have it installed.  Organizations must upgrade to at least v1607 by that time.

Upgrading to the latest released version is recommended.

Refer to this link for additional information: https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet.

 


For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil

Filed Under: diarmf - implement, STIGS Tagged With: nist, STIG, STIG Update - Microsoft Windows 10 STIG, windows 10

Group Policy Objects (GPOs) for Security Technical Implementation Guides (STIGs)

September 28, 2017 by Bruce Brown

STIG Update – Group Policy Objects (GPOs) for Security Technical Implementation Guides (STIGs) – September 2017


Group Policy Objects (GPOs) have been updated for September 2017. See the Change Log document included in the zip file for additional information. DISA Risk Management Executive is posting the GPOs for use by system administrators to ease the burden of securing systems within their environment. The GPOs can be found on the IASE website on the Group Policy Objects tab located at this link: https://iase.disa.mil/stigs/Pages/index.aspx

List of GPOs currently in the package:

Office Products:
Access 2013
Access 2016
Excel 2013
Excel 2016
InfoPath 2013
Lync 2013
Office System 2013
Office System 2016
OneDrive for Business 2016
OneNote 2013
OneNote 2016
Outlook 2013
Outlook 2016
PowerPoint 2013
PowerPoint 2016
Project 2013
Project 2016
Publisher 2013
Publisher 2016
SharePoint Designer 2013
Skype for Business 2016
Visio 2013
Visio 2016
Word 2013
Word 2016

Browsers:
Internet Explorer 11
Google Chrome

Antivirus:
Windows Defender AV

Operating Systems:
Windows 10
Windows 7
Windows 8/8.1
Windows Firewall
Windows Server 2008 R2 DC
Windows Server 2008 R2 MS
Windows Server 2012 R2 DC
Windows Server 2012 R2 MS
Windows Server 2016

Filed Under: diarmf - implement, STIGS Tagged With: disa stigs, nist, STIG

WEBINAR: GSA, DHS, NIST on personal mobile security, THU 11/10 (CPEs)

November 8, 2016 by Bruce Brown

Securing and managing agency mobile apps.
WEBINAR, THU 11/10, Complimentary, CPEs

This important video webinar will explore how mobile apps
rapidly expand in agency networks and how agency experts
limit security risks while they manage mobile Web devices
to drive agency productivity and mission achievement.

REGISTRATION AND INFO
https://goto.webcasts.com/starthere.jsp?ei=1123951&sti=emc

ALTERNATE REGISTRATION LINK:  www.FedInsider.com

WEBINAR TOPIC
The Framework for Mobile Security in Government

DATE: THU 11/10
TIME: 2:00 PM ET / 11:00 AM PT
DURATION: 1 hour
CPE: 1 CPE from the George Washington University,
Center for Excellence in Public Leadership
COST: Complimentary

SPEAKERS
– JON JOHNSON, Enterprise Mobility Team Manager, GSA

– VINCENT SRITAPAN, Program Manager, Cyber Security
Division, DHS Science and Technology (S&T) Directorate

– JOSHUA FRANKLIN, Information Security Engineer, NIST

– JOHNNY OVERCAST, Director of Government Sales, Samsung
Electronics America

– TOM TEMIN, Host and Managing Editor, The Federal Drive,
Federal News Radio 1500 AM

PRESENTED BY: WTOP, Federal News Radio, FedInsider News,
and The George Washington University Center for
Excellence in Public Leadership

*** OTHER GOVT-INDUSTRY CPE CREDIT EVENTS IN THE SERIES ***
Visit www.fedinsider.com

CART services provided for captioning for all webinars.

Looking forward to meeting you online!

Peg Hosky, President

Email: peg@hosky.com
Phone: 202-237-0300
www.FedInsider.com
LinkedIn: www.linkedin.com/in/peghosky
Twitter:  @peghosky

FedInsider News
3811 Massachusetts Avenue NW
Washington DC 20016

Filed Under: cyberspace workforce Tagged With: CAP, CISSP, CPE, DHS, nist
