Cybersecurity for Contracting Professionals
This two-day, elective course focuses on critical thinking skills, which are imperative when assessing cyber risk throughout the contracting lifecycle. Participants learn how to safeguard contracts by understanding today's rapidly changing cybersecurity regulations and their impact on the contracting world. Participants will become vigilant in watching for any cybersecurity threats and be able to quickly react to any possible breach.
This course is focused on government and contractor systems and the sharing of controlled unclassified information as part of the acquisition process.
• Understand the elements of cybersecurity: People, Processes, and Technology
• Understand roles in cybersecurity activities
• Understand the Executive Order and DoD-GSA guidance
• Discuss current National Cybersecurity Strategy, NIST Cybersecurity framework, and continuous diagnostics and Mitigation (CDM)
• Use Federal Information Security Management Act (FISMA) guidelines, to achieve compliance and protect Federal information systems
• Apply IA principles and risk management framework (RMF)
• Create a culture of awareness of the issues surrounding good cybersecurity practices – recognize IT supply chain risks
• Create processes that are easily implemented and consistently followed, with distinct repercussions and remedies
• Plan ahead and assess what data is available– determine the value of each data set and allocate appropriate security measures – not all data is critical and securing all data is not feasible or reasonable
• Explore technology solutions to automate processes, restrict access points, and reduce data spillage