Cybersecurity 2019: Regulations and Standards
Time:
11:30 am - 1:00 pm EST
About:
This series, taught by two experts in the field, will walk participants through the most important issues facing government contractors as they navigate the fast-changing issues of cybersecurity. Starting with a survey of the current threats confronting all companies in the cyber world, and ending with a session about how to deal with a breach of your systems, this series will also delve into the new government contracting rules relating to cybersecurity, as well as the new twists on existing technology and privacy laws in light of today’s cyber events.
Agenda:
- Introduction and Overview
- The threat (including international and APT, government investigations)
- The data
- The law
- Agency-specific regulations for protecting unclassified information
- FAR Basic Safeguarding Rule
- NARA CUI rule
- DFARS Provision
- Protecting Sensitive Information
- The Privacy Act and PII
- FAR Privacy Act Clause
- Privacy Act Training Rule (FAR Case 2010-013)
- The Privacy Act and PII
- Regulations and Standards
- NIST
- NIST 800-53
- NIST 800-171
- NIST
- The Cloud and FedRAMP
- Subcontractor/supplier considerations (e.g., DFARS provision)
- Confronting the threat – sharing information and spreading the risk
- Insider Threat
- Cyber insurance
- Information sharing
- Government response – Executive Order; potential legislation
- Breach Investigation and Response
- Before a breach occurs
- Immediate response
- Relating to law enforcement
- Relating to customers and the public