Objective
The Defense Industrial Base (DIB) sector consists of companies that contribute to research, engineering, production, delivery, operations, installation, and support services.
The cyber actors continue to target the DIB sector and the Department of Defense (DoD) supply chain for intellectual property and unclassified information. The DoD has released the Cybersecurity Maturity Model Certification (CMMC) to ensure appropriate cybersecurity controls and processes to protect Controlled Unclassified Information (CUI) on DoD contractor systems.
Part I of the six-part series begins with knowing third-party cyber weaknesses and driving factors for Cybersecurity Maturity Model Certification. The course learnings include knowledge about NIST SP 800-171 Controls, Federal Acquisition Regulation (FAR) Clause 52.204.21 for protecting Federal Contract Information (FCI), Defense Federal Acquisition Regulation Supplement (DFARS) Clause 252.204-7012 for safeguarding Controlled Unclassified Information (CUI) and NIST SP 800-171 Protecting Controlled Unclassified Information in Non-Federal Systems and Organizations.
This interactive training course will ensure professionals and practitioners at all levels understand their roles and responsibilities, new developments, resources, and hallmarks of an effective compliance program. In this course, you will be asked to read through lessons, participate in learning activities, and partake in knowledge checks designed to reinforce learning, followed by the end of the course final assessment.
What you will learn:
Understand the need for Cybersecurity Maturity Model Certification
Why the third-party contractors are the weakest cyber link?
Interpret the NIST SP 800-171 Controls
Understand Federal Acquisition Regulation (FAR) Clause 52.204.21 for protecting Federal Contract Information (FCI)
Understand Defense Federal Acquisition Regulation Supplement (DFARS) Clause 252.204-7012 for protecting Controlled Unclassified Information (CUI)
Understand NIST SP 800-171 Protecting Controlled Unclassified Information in Non-Federal Systems and Organizations
Learn about the essential differences between CMMC vs. NIST 800-171
Learn how CMMC Model Works: Domains, Capabilities, Practices, and Processes
Advanced Persistent Threat or Intrusion
What you will learn:
|
Anti Money Laundering (AML) Awareness
What you will learn:
- What it is and how does it work?
- Why people and organizations launder money?
- How money laundering works: basic process
- Legal consequences for money laundering, including state and federal (U.S.) penalties
- Applicable laws and regulation
- Insider trading
Architectural Solutions
What you will learn:
|
Asset Management
What you will learn:
|
Backup and Recovery
What you will learn:
|
Breach Management
What you will learn:
What you will learn:
The training promotes the objectiveof informed management for better decision-making. raining provides managementand employees with a basic understanding of underlying concepts and recommendationsfor managing challenges. Each section informed you about additional trainingrequirements and recommended courses. In the next 10minutes, you will learn:
- What is the importance of abreach notification?
- What is a data breach?
- In what circumstances wouldnotification of a data breach be required and to whom?
- Suggested e-Learning courses toenhance the knowledge.
(Note - The suggested e-Learningprogram is a two-part series.)
Breach Notification Part I - Awareness
What you will learn:
- What is the importance of a breach notification?
- What is a data breach?
- In what circumstances would notification of a data breach be required and to whom?
- When and how should notification of a data breach be provided?
- Framework for Effective Data Breach Notification Legislation
- Timing of Notification to Affected Individuals
- Post Data Breach Immediate Action Items
- Breach Notification to Authorities
Breach Notification Part II - Advanced
What you will learn:
- Breach Management
- Effective Breach Response
- Data Breach Checklist
- Breach Notification Notice Content
- Notification Timelines
- Lifecycle of a Data Breach
- Public Relations Strategy
Bring Your Own Device
What you will learn:
|
Business Continuity & Disaster Recovery (BCP / DR) Part I - Awareness
What you will learn:
- Disaster
- Business Continuity and Disaster Recovery
- Use Cases
- Risks Covered by DR
- Driving Factors
- Challenges in Developing DR Plan
- Technical Challenges
- Key Factors in DR Plan