For your convenience, ITdojo has assembled the following collection of RMF-related government publications. Please note these are UNCLASSIFIED documents with no restrictions on usage or distribution. Laws and Executive Branch Policies Federal Information Security Management Act (FISMA) OMB Circular A-130 Appendix III (Security of Federal Information Systems) Federal Information Processing Standard (FIPS) Publications FIPS 199…
By Lon J. Berman, CISSP BAI Consulting Now that DoD has “officially” begun its adoption of RMF, let’s take a look at some of the things that are “new”! 10. Cybersecurity. The word “Cybersecurity” has been part of the government IT security discussion for several years, going back to a Presidential Directive in 2008. DoD has now adopted the term Cybersecurity in…
On March 12, 2014 the DoD released a new policy that makes it official that the DoD Information Assurance Certification and Accreditation Process (DIACAP) is being put to bed in favor of a “new” Risk Management Framework (RMF). The news is not a revelation as it has been in the works for a few years…
I have started and stopped learning python an embarrassing number of times. Guess what? I’m at it again. For reasons I cannot adequately explain I have never really been able to latch on to it. I am, after all, a networking guy at heart. I have always wanted to write my own code but in…
As many of you know, if you received your Security+ certification after 2011, you are not eligible for lifetime Security+ status. Before that you were grandfathered in, but if your is after 2011 you are out of luck. No every 3 years you must renew your certification by either retaking the exam, or by completing…