The Cybersecurity Maturity Model Certification (CMMC) introduces a verification mechanism that will ensure the necessary security mechanisms are in place to better protect Controlled Unclassified Information (CUI) and other sensitive data made available to contractor organizations.
CMMC will soon be incorporated into Defense Federal Acquisition Regulation Supplement (DFARS), making it a requirement for DIB contractors that wish to be eligible for contract awards. This podcast provides an overview of CMMC for DoD contractors and subcontractors that are new to this requirement.
The CSIAC Podcast
The CSIAC Podcast features discussions with Subject Matter Experts on emerging topics in the fields of cybersecurity, modeling and simulation, software engineering and knowledge management. One-on-one and round-table discussions are held to provide insight into highly technical topics and increase user awareness.
A Brief Side-by-Side Comparison Between C++ and Rust – Part 3
The series ends by answering key questions and provides advice as to where to get started with this new language that is quickly being adapted by Fortune 500 companies.
A Brief Side-by-Side Comparison Between C++ and Rust – Part 2
This discussion between a moderator (Mr. Patch) and two software engineering subject matter experts (Mr. Corley and Dr. Fawcett), walks through a set of common functions, first implemented through C++ and then in Rust, to note initial speed, performance and security of memory access differences. This episode describes how the comparison was conducted by using both Rust and C++ to perform the same function under the relatively same conditions.
A Brief Side-by-Side Comparison Between C++ and Rust – Part 1
This discussion between a moderator (Mr. Patch) and two software engineering subject matter experts (Mr. Corley and Dr. Fawcett), walks through a set of common functions, first implemented through C++ and then in Rust, to note initial speed, performance and security of memory access differences. This podcast covers the ground rules for the side-by-side comparison to ensure the methods used are thoroughly understood.
Assessing the Operational Risk Imposed by the Infrastructure Deployment Pipeline
A generalized Infrastructure Deployment Pipeline (IDP) reference architecture is presented to assist with risk assessment and mitigation. An experiment was conducted to determine if application of the National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF) can mitigate the risks inherent to the IDP workflow process. The author concludes that while the NIST CSF does largely mitigate IDP cybersecurity risks, additional controls are still required to fully assure cybersecurity for the CD process.
Privacy Impact Assessment: The Foundation for Managing Privacy Risk
Privacy Impact Assessments (PIA) analyze how a unit collects, uses, shares, and maintains individually identifiable information. In this podcast and companion article titled “Privacy Impact Assessment: The Foundation for Managing Privacy Risk,” Mr. William Stallings delivers insightful and practical guidance on understanding and identifying the range of threats to privacy in information collection, storage, processing, access, dissemination and protecting privacy.
Securing the Supply Chain: A Hybrid Approach to Effective SCRM Policies and Procedures
This podcast seeks to add context not only to the challenges facing security within the Information and Communications Technology (ICT) Supply Chain, but attempts to give a hybrid framework for any business regardless of size or function to follow when attempting to mitigate threats both to and from within their supply chain.
5 Best Practices for a Secure Infrastructure
Hackers are becoming progressively more sophisticated. The attacks can take place on companies, businesses, hospitals, government organizations and universities, alike. A non-intentional lack of awareness of basic security practices can easily lead to a ransomware attack with irreparable damage.
This video podcast describes some best practices that can assist in preventing incidents on a network and mitigate the risk in case of a cyber attack.
Fifth Generation Cellular – A Discussion with Idaho National Laboratory on 5G – Part 4
This multi-part series explores a broad range of aspects regarding fifth generation (5G) wireless networks. In this final episode, 5G-oriented National Cyber Strategies are discussed and future 5G devices are examined.
Fifth Generation Cellular – A Discussion with Idaho National Laboratory on 5G – Part 3
This episode will discuss new 5G capabilities and applications, this includes mission-critical services, massive Internet of Things (IoT), and enhanced mobile broadband. It also explores potential cybersecurity concerns involving 5G technology and methods to mitigate these issues.
