CMMC Town Crier | Ask me about NIST cybersecurity controls | Smashing compliance frameworks for fun and profit | Cyber policy wonk |
New podcast is up: scheduled post while on vacay edition.

Anyways, what I used to say: 90% of the questions in the CMMC ecosystem could be answered if people read the first three chapters of NIST SP 800-53.

What I say now: 90% of the questions in the CMMC ecosystem could be answered if people took the new RMF-series training courses from NIST.

There is a one hour course for each RMF special publication:

SP 800-37 - Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy
SP 800-53 - Security and Privacy Controls for Information Systems and Organizations
SP 800-53A - Assessing Security and Privacy Controls in Information Systems and Organizations
SP 800-53B - Control Baselines for Information Systems and Organizations

There is new info. There are new charts. The courses are good. You should take them. The courses should be mandatory pre-requisites to any CMMC training.

Check out the latest podcast for our course review (links below 👇)

Like ❤️ and subscribe 🔔
There is a one hour course 🎞️ for each RMF special publication: “BRUNCH-n-LEARN” 👀 but where???

Q: can SIMPLIFIED naming of FRAMEWORKS help everyone get on the “same page” 📄 … it worked for Larry Page

EXAMPLE: the ABC, 123, xYz of NIST, ISO or any “GOV.reg” 🤔 perhaps every FRAMEWORK or public POLICY should have its own standardized DOMAIN to streamline any regulation lookup… 🎞️ 🗣️ 🎙️ 📃 review and comments by industry experts?

SP 800-37 - RMF: (SPC) Security and Privacy Controls ISO
SP 800-53 - GENERAL (SPC) Security & Privacy Controls ISO
SP 800-53A - ASSESSING (SPC) Security & Privacy ISO
SP 800-53B - BASELINES controls (SPC) for an ISO
For inquiring minds - yes, it’s a real human doing the narration!
…but where’s the EZ-button to compliance. 🤣
Hot tip and good advice. Will do.
Thank you, Jacob Horne and Jason Sproesser for all of your dedication and research! The world of Cybersecurity and GRC in general is enhanced through your discussions!
👀 Watch Here:
YouTube: https://youtu.be/TeUodxMy-L8?si=ca8iqQIDBZ3UfEEl
Spotify: https://open.spotify.com/show/2qwRGssjNbp7M2Ygm2Dvum

🔊 Listen here:
Apple Podcasts: https://podcasts.apple.com/us/podcast/summit-7-presents-sum-it-up/id1649265805
Pandora: https://www.pandora.com/podcast/summit-7-presents-sum-it-up/PC:1001030604
Stitcher: https://www.stitcher.com/show/1030604
Spotify: https://open.spotify.com/show/2qwRGssjNbp7M2Ygm2Dvum
Amazon: https://music.amazon.com/podcasts/7d78f748-d481-47fc-abd1-061157ce0a81