OVERVIEW By the beginning of 2021, NIST will have released the finals of many Risk Management Framework (RMF) standards: SP800-53 Rev 5 – Security Controls SP800-53B – Security Control Baselines, Privacy Framework SP800-160 Vol 2 – Systems Security Engineering SP800-161 Rev 1 – Supply Chain Risk Management SP800-171 Rev 2 – Controlled Unclassified Information (CUI) and High Valued Assets (HVA) Revisions to the NIS...

Digital transformation is a holistic re-imagining of how companies, governments and organizations use technology, people and processes to deliver services or perform their mission. Through digital transformation, federal agencies look to deliver the same kinds of business or customer-focused digital experiences that are common in the commercial arena. The federal sector has been pursuing digital transformation for years through various avenues...

For federal, state and local government cybersecurity executives, the mission to detect and eliminate hackers on their expanding digital networks has always been a fluid exercise. In the last year, their work has become even more challenging. As the pandemic pushed agencies to remote work, they leaned even more on cloud computing, mobile and remote access capabilities, and the attack surface has become more diffuse and vulnerable. Sly, determi...

OVERVIEW By the beginning of 2021, NIST will have released the finals of many Risk Management Framework (RMF) standards: SP800-53 Rev 5 – Security Controls SP800-53B – Security Control Baselines, Privacy Framework SP800-160 Vol 2 – Systems Security Engineering SP800-161 Rev 1 – Supply Chain Risk Management SP800-171 Rev 2 – Controlled Unclassified Information (CUI) and High Valued Assets (HVA) Revisions to the NIS...

As DOD continues the roll-out of its Cybersecurity Maturity Model Certification program, both government acquisition professionals and the contracting community are scrambling to understand and implement the certification requirements. Join us to learn the latest on what is required and what may be ahead for acquisition and contracting executives concerning cyber certifications and audits as government and industry experts share their insights...

As technology evolves, so do the threats to its security. The remote work shift caused by the continuing pandemic has pressed security teams to reassess how they verify and allow access. Zero Trust is a strategy, not a product, which reimagines the way access is granted to users, to data and to applications. Devices, which used to be central to identity, now include personal computers and home internet connections, which are not government iss...

As the global pandemic continues and countries wait for a vaccine, estimates about when federal employees will return to their offices in force range from Summer 2021 to Never. Many organizations have discovered the advantages of telework and now plan on expanding its use, even when there is not a snowstorm or health crisis. Although some jobs require on-site personnel, the Office of Personnel Management said that 42% of federal employees are...

High-value penetration testing doesn't involve just throwing a bunch of hacks at a target environment and declaring victory when a shell prompt magically pops up. Instead, the best penetration testers focus on understanding their craft in-depth, providing significant value to organizations by improving their security stance through technical excellence and implementation of a well-understood and repeatable methodologies, which will deliver rea...

SANS is committed to delivering high-quality cyber security training so you can keep your skills sharp and stay ahead of cyber threats. Join us for interactive trainings during SANS Cyber Security West 2021 - Live Online (Feb 1-6, PST), and receive relevant, applicable training from wherever you are. Choose your course and register now for practical training taught by top industry practitioners. SANS Live Online events offer live-stream, instr...

OVERVIEW By the beginning of 2021, NIST will have released the finals of many Risk Management Framework (RMF) standards: SP800-53 Rev 5 – Security Controls SP800-53B – Security Control Baselines, Privacy Framework SP800-160 Vol 2 – Systems Security Engineering SP800-161 Rev 1 – Supply Chain Risk Management SP800-171 Rev 2 – Controlled Unclassified Information (CUI) and High Valued Assets (HVA) Revisions to the NIS...