User contributions for Marieramsay
A user with 82 edits. Account created on 24 September 2024.
29 September 2024
- 23:5623:56, 29 September 2024 diff hist +249 Audit and Accountability No edit summary current
- 23:5123:51, 29 September 2024 diff hist +8,801 N Audit and Accountability Created page with "The Audit and Accountability family in NIST 800-171 Rev 2 is designed to ensure that organizations have the ability to track, monitor, and analyze activities within their information systems. By logging events and auditing system activity, organizations can detect unauthorized access, identify anomalies, and maintain accountability for user actions, which is critical for protecting Controlled Unclassified Information (CUI). This family includes requirements for logging..."
- 23:4323:43, 29 September 2024 diff hist +6,582 N Awareness and Training Created page with "The Awareness and Training family in NIST 800-171 Rev 2 is one of the 14 security control families that focuses on ensuring that employees and users of an organization’s systems are well-informed about cybersecurity risks and know how to protect Controlled Unclassified Information (CUI). This family emphasizes the importance of educating and training users to recognize and respond appropriately to potential security threats, thus helping to minimize human-related s..." current
- 23:3623:36, 29 September 2024 diff hist −1 Access Control No edit summary
- 23:3623:36, 29 September 2024 diff hist −1 Access Control No edit summary
- 23:3423:34, 29 September 2024 diff hist +339 Access Control No edit summary
- 23:3023:30, 29 September 2024 diff hist +119 Access Control No edit summary
- 23:2823:28, 29 September 2024 diff hist +8,690 N Access Control Created page with "Access Control is one of the 14 security families in NIST 800-171 Rev 2, which provides guidelines for protecting Controlled Unclassified Information (CUI) in nonfederal systems and organizations. The Access Control family focuses on limiting access to information systems, applications, and data to authorized individuals and ensuring that only those with appropriate permissions can access sensitive information. This helps prevent unauthorized access, which is critical fo..."
- 23:1823:18, 29 September 2024 diff hist −2 Self-Assessment and Certification No edit summary
- 23:1723:17, 29 September 2024 diff hist +28 Self-Assessment and Certification No edit summary
- 23:1623:16, 29 September 2024 diff hist +7,955 N Self-Assessment and Certification Created page with "In the Cybersecurity Maturity Model Certification (CMMC) framework, self-assessments and third-party certifications are two key mechanisms that organizations (especially defense contractors) use to demonstrate compliance with cybersecurity requirements set by the Department of Defense (DoD). These mechanisms are designed to ensure that contractors handling Controlled Unclassified Information (CUI) and Federal Contract Information (FCI) have adequate cybersecurity measure..."
- 23:0223:02, 29 September 2024 diff hist +84 Continuous monitoring No edit summary current
- 23:0123:01, 29 September 2024 diff hist +2 Continuous monitoring No edit summary
- 23:0123:01, 29 September 2024 diff hist +2 Continuous monitoring No edit summary
- 23:0023:00, 29 September 2024 diff hist +7,394 N Continuous monitoring Created page with "Continuous monitoring is a cybersecurity practice that involves the ongoing, real-time assessment and analysis of an organization's systems, networks, and data to identify potential vulnerabilities, threats, or unauthorized access. The goal of continuous monitoring is to maintain visibility into the security posture of an organization at all times, allowing for faster detection and response to cybersecurity incidents. === Key Components of Continuous Monitoring: === '..."
- 22:5522:55, 29 September 2024 diff hist +5,999 N APT Created page with "Advanced Persistent Threats (APTs) refer to highly sophisticated and persistent cyberattacks typically launched by well-funded and skilled adversaries, such as nation-states, organized cybercriminal groups, or advanced hacking collectives. Unlike typical cyberattacks that focus on immediate gains or disruption, APTs aim to infiltrate a network, remain undetected for long periods, and continuously gather intelligence or data over time. === Key Characteristics of APTs: ==..." current
- 22:4522:45, 29 September 2024 diff hist +4,323 N NIST SP 800-172 Created page with "[https://csrc.nist.gov/pubs/sp/800/172/final NIST SP 800-172], titled "Enhanced Security Requirements for Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations," builds on the foundation of NIST SP 800-171. It provides additional security controls and enhancements for organizations that handle highly sensitive Controlled Unclassified Information (CUI), particularly when the risk of advanced persistent threats (APTs) is a concern. H..." current
- 22:3922:39, 29 September 2024 diff hist +1 NIST 800-171 No edit summary current
- 22:3922:39, 29 September 2024 diff hist +2,570 N NIST 800-171 Created page with "[https://csrc.nist.gov/pubs/sp/800/171/r2/upd1/final NIST 800-171], officially titled "Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations," is a publication developed by the National Institute of Standards and Technology (NIST). It provides a set of guidelines and security requirements for protecting sensitive but unclassified information, specifically Controlled Unclassified Information (CUI), when it is stored or transmitted by..."
- 22:3122:31, 29 September 2024 diff hist +1,632 N FAR Created page with "The [https://www.acquisition.gov/browse/index/far FAR] (Federal Acquisition Regulation) is the set of rules and regulations that govern the acquisition process for all executive agencies of the U.S. federal government. It establishes the policies and procedures for government procurement of goods and services, ensuring that the process is conducted in a fair, transparent, and consistent manner. The FAR covers a wide range of topics, including: 1. Contract Types: It out..." current
27 September 2024
- 00:2800:28, 27 September 2024 diff hist −2 Preferred Partners No edit summary current
- 00:2600:26, 27 September 2024 diff hist +225 Preferred Partners No edit summary
- 00:1100:11, 27 September 2024 diff hist +1 Preferred Partners No edit summary
- 00:1100:11, 27 September 2024 diff hist −1 Preferred Partners No edit summary
- 00:1000:10, 27 September 2024 diff hist +125 Preferred Partners No edit summary
- 00:0800:08, 27 September 2024 diff hist +146 Preferred Partners No edit summary
- 00:0500:05, 27 September 2024 diff hist +2 Preferred Partners No edit summary
- 00:0500:05, 27 September 2024 diff hist +413 N Preferred Partners Created page with "These are Preferred Partners that our community has used and would recommend. The community does not guarantee the services on behalf of the vendors, but services have been used (and continue to be used) and preferred by many in our community. ===Compliance Consultants & Managed Service Providers (MSP)s:=== [https://defcert.com/ DEFCERT] [https://www.sentinelblue.com/ Sentinel Blue] ===Manufacturers:==="
26 September 2024
- 23:1123:11, 26 September 2024 diff hist +4 FCI No edit summary current
- 23:1123:11, 26 September 2024 diff hist +2,441 N FCI Created page with "Federal Contract Information (FCI) refers to information provided by or generated for the government under a contract that is not intended for public release. While FCI is not classified or as sensitive as Controlled Unclassified Information (CUI), it still requires protection to prevent unauthorized access or disclosure. ===Key Aspects of FCI:=== 1 - Definition: FCI includes any information that is not public and is provided or developed during the course of performi..."
- 23:0723:07, 26 September 2024 diff hist −430 CUI No edit summary current
- 23:0423:04, 26 September 2024 diff hist +4,567 N CUI Created page with "Controlled Unclassified Information (CUI) refers to sensitive information that, while not classified, requires safeguarding or dissemination controls in accordance with laws, regulations, or government-wide policies. The CUI program was established by Executive Order 13556 in 2010 to standardize the way the federal government and its contractors handle this type of information, reducing inconsistencies and improving information security across agencies. ===Key Aspects o..."
- 23:0223:02, 26 September 2024 diff hist +5,764 N DoD Created page with "The Department of Defense (DoD) is the federal executive department responsible for ensuring the national security and overseeing the U.S. Armed Forces. Its mission is to provide military forces to deter war and protect the security of the United States. The DoD's personnel structure is vast and includes both civilian and military personnel organized in a hierarchical framework. Here’s an overview of the key components of the DoD's structure: 1. '''Civilian Leadership..." current
- 22:5522:55, 26 September 2024 diff hist +36 DFARS No edit summary current
- 22:5422:54, 26 September 2024 diff hist 0 DFARS No edit summary
- 22:5422:54, 26 September 2024 diff hist +3,034 N DFARS Created page with "Several Defense Federal Acquisition Regulation Supplement (DFARS) clauses are directly related to CMMC (Cybersecurity Maturity Model Certification) and the protection of Controlled Unclassified Information (CUI). These DFARS clauses mandate that contractors meet certain cybersecurity requirements and, in some cases, obtain CMMC certification. Here are the most relevant DFARS clauses: 1. [https://www.acquisition.gov/dfars/252.204-7012-safeguarding-covered-defense-inform..."
- 22:5022:50, 26 September 2024 diff hist +1,202 N DIB Created page with "The Defense Industrial Base (DIB) refers to a global network of private-sector companies and organizations that provide products and services to the Department of Defense (DoD) and other defense-related government entities. These companies design, develop, manufacture, and maintain military systems, equipment, and technologies that are critical for national defense and security. The DIB includes a wide range of industries, such as: *Aerospace and aviation *Shipbuilding..." current
- 22:4622:46, 26 September 2024 diff hist +10 Main Page No edit summary
- 22:4622:46, 26 September 2024 diff hist +99 Main Page No edit summary
- 22:4522:45, 26 September 2024 diff hist +92 CMMC Overview No edit summary current
- 22:4222:42, 26 September 2024 diff hist +31 Main Page No edit summary
- 22:4122:41, 26 September 2024 diff hist −59 Main Page No edit summary
- 22:4022:40, 26 September 2024 diff hist +231 Main Page No edit summary
- 22:3522:35, 26 September 2024 diff hist +86 Main Page No edit summary
- 22:3322:33, 26 September 2024 diff hist −13 Talk:Main Page Blanked the page current Tag: Blanking
- 22:3122:31, 26 September 2024 diff hist +99 CMMC Overview No edit summary
- 22:3022:30, 26 September 2024 diff hist +28 CMMC Overview No edit summary
- 22:2922:29, 26 September 2024 diff hist +8 CMMC Overview No edit summary
- 22:2722:27, 26 September 2024 diff hist +5,286 N CMMC Overview Created page with "The Cybersecurity Maturity Model Certification (CMMC) is a framework designed to enhance cybersecurity practices across the Defense Industrial Base (DIB). It applies to any organization within the supply chain (receiving specific DFARS flow-down) that works on contracts with the Department of Defense (DoD), ensuring these companies can safeguard Controlled Unclassified Information (CUI) and Federal Contract Information (FCI). In November 2021, in response to industry fe..."
- 22:1622:16, 26 September 2024 diff hist +13 N Talk:Main Page Created page with "CMMC Overview"