User contributions for Marieramsay

23:5623:56, 29 September 2024 diff hist +249‎ Audit and Accountability ‎No edit summary current
23:5123:51, 29 September 2024 diff hist +8,801‎ N Audit and Accountability ‎ Created page with "The Audit and Accountability family in NIST 800-171 Rev 2 is designed to ensure that organizations have the ability to track, monitor, and analyze activities within their information systems. By logging events and auditing system activity, organizations can detect unauthorized access, identify anomalies, and maintain accountability for user actions, which is critical for protecting Controlled Unclassified Information (CUI). This family includes requirements for logging..."
23:4323:43, 29 September 2024 diff hist +6,582‎ N Awareness and Training ‎ Created page with "The Awareness and Training family in NIST 800-171 Rev 2 is one of the 14 security control families that focuses on ensuring that employees and users of an organization’s systems are well-informed about cybersecurity risks and know how to protect Controlled Unclassified Information (CUI). This family emphasizes the importance of educating and training users to recognize and respond appropriately to potential security threats, thus helping to minimize human-related s..." current
23:3623:36, 29 September 2024 diff hist −1‎ Access Control ‎No edit summary
23:3623:36, 29 September 2024 diff hist −1‎ Access Control ‎No edit summary
23:3423:34, 29 September 2024 diff hist +339‎ Access Control ‎No edit summary
23:3023:30, 29 September 2024 diff hist +119‎ Access Control ‎No edit summary
23:2823:28, 29 September 2024 diff hist +8,690‎ N Access Control ‎ Created page with "Access Control is one of the 14 security families in NIST 800-171 Rev 2, which provides guidelines for protecting Controlled Unclassified Information (CUI) in nonfederal systems and organizations. The Access Control family focuses on limiting access to information systems, applications, and data to authorized individuals and ensuring that only those with appropriate permissions can access sensitive information. This helps prevent unauthorized access, which is critical fo..."
23:1823:18, 29 September 2024 diff hist −2‎ Self-Assessment and Certification ‎No edit summary
23:1723:17, 29 September 2024 diff hist +28‎ Self-Assessment and Certification ‎No edit summary
23:1623:16, 29 September 2024 diff hist +7,955‎ N Self-Assessment and Certification ‎ Created page with "In the Cybersecurity Maturity Model Certification (CMMC) framework, self-assessments and third-party certifications are two key mechanisms that organizations (especially defense contractors) use to demonstrate compliance with cybersecurity requirements set by the Department of Defense (DoD). These mechanisms are designed to ensure that contractors handling Controlled Unclassified Information (CUI) and Federal Contract Information (FCI) have adequate cybersecurity measure..."
23:0223:02, 29 September 2024 diff hist +84‎ Continuous monitoring ‎No edit summary current
23:0123:01, 29 September 2024 diff hist +2‎ Continuous monitoring ‎No edit summary
23:0123:01, 29 September 2024 diff hist +2‎ Continuous monitoring ‎No edit summary
23:0023:00, 29 September 2024 diff hist +7,394‎ N Continuous monitoring ‎ Created page with "Continuous monitoring is a cybersecurity practice that involves the ongoing, real-time assessment and analysis of an organization's systems, networks, and data to identify potential vulnerabilities, threats, or unauthorized access. The goal of continuous monitoring is to maintain visibility into the security posture of an organization at all times, allowing for faster detection and response to cybersecurity incidents. === Key Components of Continuous Monitoring: === '..."
22:5522:55, 29 September 2024 diff hist +5,999‎ N APT ‎ Created page with "Advanced Persistent Threats (APTs) refer to highly sophisticated and persistent cyberattacks typically launched by well-funded and skilled adversaries, such as nation-states, organized cybercriminal groups, or advanced hacking collectives. Unlike typical cyberattacks that focus on immediate gains or disruption, APTs aim to infiltrate a network, remain undetected for long periods, and continuously gather intelligence or data over time. === Key Characteristics of APTs: ==..." current
22:4522:45, 29 September 2024 diff hist +4,323‎ N NIST SP 800-172 ‎ Created page with "[https://csrc.nist.gov/pubs/sp/800/172/final NIST SP 800-172], titled "Enhanced Security Requirements for Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations," builds on the foundation of NIST SP 800-171. It provides additional security controls and enhancements for organizations that handle highly sensitive Controlled Unclassified Information (CUI), particularly when the risk of advanced persistent threats (APTs) is a concern. H..." current
22:3922:39, 29 September 2024 diff hist +1‎ NIST 800-171 ‎No edit summary current
22:3922:39, 29 September 2024 diff hist +2,570‎ N NIST 800-171 ‎ Created page with "[https://csrc.nist.gov/pubs/sp/800/171/r2/upd1/final NIST 800-171], officially titled "Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations," is a publication developed by the National Institute of Standards and Technology (NIST). It provides a set of guidelines and security requirements for protecting sensitive but unclassified information, specifically Controlled Unclassified Information (CUI), when it is stored or transmitted by..."
22:3122:31, 29 September 2024 diff hist +1,632‎ N FAR ‎ Created page with "The [https://www.acquisition.gov/browse/index/far FAR] (Federal Acquisition Regulation) is the set of rules and regulations that govern the acquisition process for all executive agencies of the U.S. federal government. It establishes the policies and procedures for government procurement of goods and services, ensuring that the process is conducted in a fair, transparent, and consistent manner. The FAR covers a wide range of topics, including: 1. Contract Types: It out..." current

00:2800:28, 27 September 2024 diff hist −2‎ Preferred Partners ‎No edit summary current
00:2600:26, 27 September 2024 diff hist +225‎ Preferred Partners ‎No edit summary
00:1100:11, 27 September 2024 diff hist +1‎ Preferred Partners ‎No edit summary
00:1100:11, 27 September 2024 diff hist −1‎ Preferred Partners ‎No edit summary
00:1000:10, 27 September 2024 diff hist +125‎ Preferred Partners ‎No edit summary
00:0800:08, 27 September 2024 diff hist +146‎ Preferred Partners ‎No edit summary
00:0500:05, 27 September 2024 diff hist +2‎ Preferred Partners ‎No edit summary
00:0500:05, 27 September 2024 diff hist +413‎ N Preferred Partners ‎ Created page with "These are Preferred Partners that our community has used and would recommend. The community does not guarantee the services on behalf of the vendors, but services have been used (and continue to be used) and preferred by many in our community. ===Compliance Consultants & Managed Service Providers (MSP)s:=== [https://defcert.com/ DEFCERT] [https://www.sentinelblue.com/ Sentinel Blue] ===Manufacturers:==="

23:1123:11, 26 September 2024 diff hist +4‎ FCI ‎No edit summary current
23:1123:11, 26 September 2024 diff hist +2,441‎ N FCI ‎ Created page with "Federal Contract Information (FCI) refers to information provided by or generated for the government under a contract that is not intended for public release. While FCI is not classified or as sensitive as Controlled Unclassified Information (CUI), it still requires protection to prevent unauthorized access or disclosure. ===Key Aspects of FCI:=== 1 - Definition: FCI includes any information that is not public and is provided or developed during the course of performi..."
23:0723:07, 26 September 2024 diff hist −430‎ CUI ‎No edit summary current
23:0423:04, 26 September 2024 diff hist +4,567‎ N CUI ‎ Created page with "Controlled Unclassified Information (CUI) refers to sensitive information that, while not classified, requires safeguarding or dissemination controls in accordance with laws, regulations, or government-wide policies. The CUI program was established by Executive Order 13556 in 2010 to standardize the way the federal government and its contractors handle this type of information, reducing inconsistencies and improving information security across agencies. ===Key Aspects o..."
23:0223:02, 26 September 2024 diff hist +5,764‎ N DoD ‎ Created page with "The Department of Defense (DoD) is the federal executive department responsible for ensuring the national security and overseeing the U.S. Armed Forces. Its mission is to provide military forces to deter war and protect the security of the United States. The DoD's personnel structure is vast and includes both civilian and military personnel organized in a hierarchical framework. Here’s an overview of the key components of the DoD's structure: 1. '''Civilian Leadership..." current
22:5522:55, 26 September 2024 diff hist +36‎ DFARS ‎No edit summary current
22:5422:54, 26 September 2024 diff hist 0‎ DFARS ‎No edit summary
22:5422:54, 26 September 2024 diff hist +3,034‎ N DFARS ‎ Created page with "Several Defense Federal Acquisition Regulation Supplement (DFARS) clauses are directly related to CMMC (Cybersecurity Maturity Model Certification) and the protection of Controlled Unclassified Information (CUI). These DFARS clauses mandate that contractors meet certain cybersecurity requirements and, in some cases, obtain CMMC certification. Here are the most relevant DFARS clauses: 1. [https://www.acquisition.gov/dfars/252.204-7012-safeguarding-covered-defense-inform..."
22:5022:50, 26 September 2024 diff hist +1,202‎ N DIB ‎ Created page with "The Defense Industrial Base (DIB) refers to a global network of private-sector companies and organizations that provide products and services to the Department of Defense (DoD) and other defense-related government entities. These companies design, develop, manufacture, and maintain military systems, equipment, and technologies that are critical for national defense and security. The DIB includes a wide range of industries, such as: *Aerospace and aviation *Shipbuilding..." current
22:4622:46, 26 September 2024 diff hist +10‎ Main Page ‎No edit summary
22:4622:46, 26 September 2024 diff hist +99‎ Main Page ‎No edit summary
22:4522:45, 26 September 2024 diff hist +92‎ CMMC Overview ‎No edit summary current
22:4222:42, 26 September 2024 diff hist +31‎ Main Page ‎No edit summary
22:4122:41, 26 September 2024 diff hist −59‎ Main Page ‎No edit summary
22:4022:40, 26 September 2024 diff hist +231‎ Main Page ‎No edit summary
22:3522:35, 26 September 2024 diff hist +86‎ Main Page ‎No edit summary
22:3322:33, 26 September 2024 diff hist −13‎ Talk:Main Page ‎ Blanked the page current Tag: Blanking
22:3122:31, 26 September 2024 diff hist +99‎ CMMC Overview ‎No edit summary
22:3022:30, 26 September 2024 diff hist +28‎ CMMC Overview ‎No edit summary
22:2922:29, 26 September 2024 diff hist +8‎ CMMC Overview ‎No edit summary
22:2722:27, 26 September 2024 diff hist +5,286‎ N CMMC Overview ‎ Created page with "The Cybersecurity Maturity Model Certification (CMMC) is a framework designed to enhance cybersecurity practices across the Defense Industrial Base (DIB). It applies to any organization within the supply chain (receiving specific DFARS flow-down) that works on contracts with the Department of Defense (DoD), ensuring these companies can safeguard Controlled Unclassified Information (CUI) and Federal Contract Information (FCI). In November 2021, in response to industry fe..."
22:1622:16, 26 September 2024 diff hist +13‎ N Talk:Main Page ‎ Created page with "CMMC Overview"

29 September 2024

27 September 2024

26 September 2024