Sign up for free at http://convocourses.com for deeper dives.
Many more videos on https://www.youtube.com/convocourses
short videos at https://www.tiktok.com/@convocourses?lang=en
Podcast version of the content:
Control interpretation is something that I get asked a lot. When I was teaching another organization all over the world I would get this question a lot. I was teaching DIACAP which is an older DoD version of Risk Management Framework. And would get that question often because the security controls are sometime hard to understand. Its the way the word them. Its the main job of an ISSO and can be difficult.
We have created a course that interprets the security controls:
Privacy is a big part of the NIST 800-37 and 800-53.
Privacy is huge concern of mine that the US and some other governments around the world are not really taking seriously and it’s just unfortunate. I’ve been actually developing another free course about it to show people how to protect themselves.
check out the course:
Check out the job:
Job title: Data Security Analyst (0000076025)
Location: Denver, #Colorado(80203)
Estimated Duration: 01/13/2020 – 09/30/2020
Reports to the Director of Security Risk and Compliance or Delegate to perform activities for the oversight of the risk and compliance program.
Perform activities to reduce vulnerabilities for the overall enterprise risk management program.
Performs duties to facilitate confidentiality, integrity, and availability of systems to protect data from unauthorized users.
May require a bachelor’s degree in area of specialty and at least 5 years or more of risk management, experience working in a complex environment, and assessment of internal controls.
Has knowledge of commonly-used concepts, practices, and procedures in accordance with the #NIST #RMF (risk management framework).
The specialized individual must have previous experience with implementing an enterprise risk management (ERM) framework and applicable certifications such as CISSP, CISA, or CISM.
In addition, experience working with a Governance Risk and Compliance tool is highly desired, but not a must-have.
This individual should be a self-starter, able to provide consultative advice and able to work autonomously.
Have a wonderful day!!
Maddy |Technical Recruiter | Email: email@example.com
Direct: 678 783 7352| Ext. 522 | Softpath System LLC | 3985 Steve Reynolds Blvd | Bldg C Norcross GA 30093 www.softpath.net
Every Windows product has a lifecycle. The lifecycle begins when a product is released and ends when it’s no longer supported. Knowing key dates in this lifecycle helps you make informed decisions about when to upgrade or make other changes to your software. Below are the dates for Windows 10 lifecycle support:
Windows 10 version 1507 – May 9, 2017
Windows 10 version 1511 – October 10, 2017
Windows 10 version 1607 – Tentatively March 2018
Windows 10 version 1703 – Tentatively September 2018
Windows 10 Version v1511 will become unsupported on 10 October 2017 at which time it will become a CAT I severity to have it installed. Organizations must upgrade to at least v1607 by that time.
It is recommended upgrading to the latest released version.
Refer to this link for additional information: https://support.microsoft.com/
For all STIG related questions, please contact the DISA STIG Customer Support Desk: firstname.lastname@example.org
Group Policy Objects (GPOs) have been updated for September 2017. See the Change Log document included in the zip file for additional information. DISA Risk Management Executive is posting the GPOs for use by system administrators to ease the burden in securing systems within their environment. The GPOs can be found on IASE website on the Group Policy Objects tab located at this link: https://iase.disa.mil/stigs/
List of GPOs currently in the package:
Office System 2013
Office System 2016
OneDrive for Business 2016
SharePoint Designer 2013
Skype for Business 2016
Internet Explorer 11
Windows Defender AV
Windows Server 2008 R2 DC
Windows Server 2008 R2 MS
Windows Server 2012 R2 DC
Windows Server 2012 R2 MS
Windows Server 2016
Securing and managing agency mobile apps.
WEBINAR, THU 11/10, Complimentary, CPEs
This important video webinar will explore how mobile apps
rapidly expand in agency networks and how agency experts
limit security risks while they manage mobile Web devices
to drive agency productivity and mission achievement.
REGISTRATION AND INFO
ALTERNATE REGISTRATION LINK: www.FedInsider.com
The Framework for Mobile Security in Government
DATE: THU 11/10
TIME: 2:00 PM ET / 11:00 AM PT
DURATION: 1 hour
CPE: 1 CPE from the George Washington University,
Center for Excellence in Public Leadership
– JON JOHNSON, Enterprise Mobility Team Manager, GSA
– VINCENT SRITAPAN, Program Manager, Cyber Security
Division, DHS Science and Technology (S&T) Directorate
– JOSHUA FRANKLIN, Information Security Engineer, NIST
– JOHNNY OVERCAST, Director of Government Sales, Samsung
– TOM TEMIN, Host and Managing Editor, The Federal Drive,
Federal News Radio 1500 AM
PRESENTED BY: WTOP, Federal News Radio, FedInsider News,
and The George Washington University Center for
Excellence in Public Leadership
*** OTHER GOVT-INDUSTRY CPE CREDIT EVENTS IN THE SERIES ***
CART services provided for captioning for all webinars.
Looking forward to meeting you online!
Peg Hosky, President
3811 Massachusetts Avenue NW
Washington DC 20016