NIST SP 800-53, Revision 5 Security Controls for Information Systems and Organizations – 1 overview

To download the slide go to:
https://securitycompliance.thinkific.com

NIST Special Publication 800-53, Revision 5
Security and Privacy Controls
Final Public Draft: October 2018
Final Publication: December 2018
Source: https://csrc.nist.gov/projects/risk-m…

NIST Special Publication 800-53A, Revision 5
Assessment Procedures for Security and Privacy Controls
Initial Public Draft: March 2019
Final Public Draft: June 2019
Final Publication: September 2019

There are 6 major objectives for this update:
- Making the security and privacy controls more outcome-based by changing the structure of the controls;
- Fully integrating the privacy controls into the security control catalog, creating a consolidated and unified set of controls for information systems and organizations;
- Separating the control selection process from the actual controls: systems engineers, software developers, enterprise architects; and mission/business owners;
- Promoting integration with different risk management and cybersecurity approaches and lexicons, including the Cybersecurity Framework;
- Clarifying the relationship between security and privacy to improve the selection of controls necessary to address the full scope of security and privacy risks.
https://www.youtube.com/watch?v=hWWILCZbDho

How to Make 6 Figures in IT Security (cybersecurity) – Do you want this?

Course site: https://securitycompliance.thinkific.com

I am thinking of doing a course on how to make 6 figures in IT Security. What do you think? Is this something you would be interested in? This is something I know a lot about. I would explain:

The landscape of IT Security

Career paths in IT Security

How to choose the right path

How to prepare for that path

What kinds of IT security jobs make 6 figures

What places and companies pay 6 figures

What certifications, degrees and experience you need to start

How to build a bad ass IT security resume

Where to post it

How to respond once offers start coming in

What is payment card industry PCI data security standard DSS?

I got the chance to talk to a Payment Card Industry (PCI) professional. James is in the PCI IT industry and tells about it from inside the field. It is a great opportunity to learn about this growing career path. We talked about how the PCI security standard compares to the Risk Management Framework. Here are some of the resources we talked about:

https://www.pcisecuritystandards.org/
https://www.pcicomplianceguide.org/

Enroll to learn MORE on security compliance: https://securitycompliance.thinkific.com

NIST 800 37 Revision 2 – RMF for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy

Download the presentation in this Video & Learn more here:

http://securitycompliance.thinkific.com

This is an overview of NIST 800-37 Revision 2. I discuss the changes, the sources and Cybersecurity Framework.

NIST Special Publication 800-37, Revision 2
Risk Management Framework for Security and Privacy
Initial Public Draft: May 2018
Final Public Draft: July 2018
Final Publication: October 2018

NIST 800-37 Rev 2:
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r1.pdf

Executive Order:
https://www.whitehouse.gov/presidential-actions/presidential-executive-order-strengthening-cybersecurity-federal-networks-critical-infrastructure/

OMB:
https://www.whitehouse.gov/sites/whitehouse.gov/files/omb/memoranda/2017/M-17-25.pdf

Cybersecurity Framework:
https://www.nist.gov/sites/default/files/documents/cyberframework/cybersecurity-framework-021214.pdf

NIST SP 800-53 (Revision 5):
https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/draft

Source of Changes:
President’s Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure
Office of Management and Budget Memorandum M-17-25 – next-generation Risk Management Framework (RMF) for systems and organizations
NIST SP 800-53 Revision 5 Coordination

crypto n00b bitconnect 1st Lend ep4

crypto currency crypton00b ep4 Bitconnect BCC 1 time lending

This video was done in May 2017. I did my first Bitconnect loan to try it out. A LOT has changed since then. For one thing the price of the bitconnect currency (BCC) has gone from $16 to $127. There is also a huge divide on BCC with some calling it a scam and others making money on bitconnect for the last year. I will give an update on my current status on this soon.

WEBINAR: GSA, DHS, NIST on personal mobile security, THU 11/10 (CPEs)

Securing and managing agency mobile apps.
WEBINAR, THU 11/10, Complimentary, CPEs

This important video webinar will explore how mobile apps
rapidly expand in agency networks and how agency experts
limit security risks while they manage mobile Web devices
to drive agency productivity and mission achievement.

REGISTRATION AND INFO
https://goto.webcasts.com/starthere.jsp?ei=1123951&sti=emc

ALTERNATE REGISTRATION LINK:  http://www.FedInsider.com

WEBINAR TOPIC
The Framework for Mobile Security in Government

DATE: THU 11/10
TIME: 2:00 PM ET / 11:00 AM PT
DURATION: 1 hour
CPE: 1 CPE from the George Washington University,
Center for Excellence in Public Leadership
COST: Complimentary

SPEAKERS
– JON JOHNSON, Enterprise Mobility Team Manager, GSA

– VINCENT SRITAPAN, Program Manager, Cyber Security
Division, DHS Science and Technology (S&T) Directorate

– JOSHUA FRANKLIN, Information Security Engineer, NIST

– JOHNNY OVERCAST, Director of Government Sales, Samsung
Electronics America

– TOM TEMIN, Host and Managing Editor, The Federal Drive,
Federal News Radio 1500 AM

PRESENTED BY: WTOP, Federal News Radio, FedInsider News,
and The George Washington University Center for
Excellence in Public Leadership

*** OTHER GOVT-INDUSTRY CPE CREDIT EVENTS IN THE SERIES ***
Visit http://www.fedinsider.com

CART services provided for captioning for all webinars.

Looking forward to meeting you online!

Peg Hosky, President

Email: peg@hosky.com
Phone: 202-237-0300
http://www.FedInsider.com
LinkedIn: http://www.linkedin.com/in/peghosky
Twitter:  @peghosky

FedInsider News
3811 Massachusetts Avenue NW
Washington DC 20016

Passive Income with my24hourincome (part 1)

Thank you Lu+Toiya for introducing me to an amazing, life changing system created by visionaries Drew Burton and Faheem Rajput.*

I met this crazy couple on Youtube who introduced me to something that changed the direction of my life, career and goals. What a blessing! It is called my24hourincome and it is a revenue sharing program.

I thought this was an MLM or Network marketing but it is not. Revenue sharing is the distribution of profits and losses between stakeholders. Apparently, this is a thing! It is going to be a really big thing. You have to try it to see for yourself the growth potential.

Join US: https://www.my24hourincome.com/ref/br

cvs pharmacy scam gift card

scam Gift Central for CVS

We received an email with the title “Gift Central for CVS” from <giftingcentral@iredrodeset.weirdslugs.xyz>. This email has a link that may lead to malware or phishing sites.

The email states:

Hello

This is Jim from the Rewards Counter.
A friend left you a $1,000 CVS Gift!
No need to thank them. Just need to claim it.

Claim and Ship your CVS Gift-Card Now!.

Important!! If this continues to lay around.
We may be forced into closing the option to claim it.
Please activate your special
$1,000 CVS Gift.

Thank you for being a valued member!

Sincerely,

Jim
Rewards Counter

Please try the new McDonalds menu entirely free SCAM

SCAM Please try the new McDonalds menu entirely free!

If you receive an email offering “New McDonalds Meunu entirely free”, it may contain phishing/malware links. The message in the email states:

We want you to try the new menu! And to show our appreciation we are willing to give away this $100 gift card!

Just take this breif survey and get a free $100 gift card to try the new menu!

The link within the email leads to a browser extension called Piggy, which is very intrusive.
