Cybersecurity References

The following resources provide cybersecurity reference materials and recent announcements for general awareness for the practitioners.

News & Features (nsa.gov) The NSA/CSS Public and Media Affairs Office fosters relationships with media outlets throughout the world, responding to requests for information about NSA/CSS and its missions, interviews with leadership or experts, and filming opportunities.

Newsroom | United States Secret Service Stay up-to-date with the latest news from United States Secret Service.

Stay Safe Online – Stay Safe Online Learn how to protect yourself, your family and devices with these tips and resources.

Exostar Cybersecurity Maturity Model Information Site Exostar CMMC information site provides timelines, FAQs, and updates on development of the CMMC.

The CMMC Accreditation Body Website The CMMC AB will provide information and set requirements for prospective C3PAOs and individual assessors. Prospective C3PAOs and assessors should reference the CMMC AB website.

The Office of the Under Secretary of Defense for Acquisition and Sustainment CMMC Website The Office of the Undersecretary of Defense for Acquisition and Sustainment (OUSD(A&S)) vision for CMMC is to be a unified cybersecurity standard for DoD acquisitions to reduce exfiltration of Controlled Unclassified Information (CUI) from the Defense Industrial Base (DIB).

YouTube – Detailed Analysis of CMMC’s Impact on Suppliers Representatives from several primes are discussing the impact of CMMC on the supplier base. These primes include Jeffrey Dodson (BAE Systems), Christopher Page (Huntington Ingalls Industries), Mike Gordon (Lockheed Martin), and Noble Dean (L3Harris).

YouTube – The DoD’s Cybersecurity Maturity Model Certification and Process Maturity This video is an hour long presentation conducted by Carnegie Mellon SEI to discuss the process maturity for CMMC.

YouTube – Understanding Cybersecurity Maturity Model Certification (CMMC): How it will affect your organization and how to prepare. October 24, 2019: DoD has announced CMMC as a unified cybersecurity standard to be consistently applied to all organizations across the Defense Industrial Base. CMMC certification becomes a requirement in 2020. It will greatly enhance the cybersecurity of the supply chain, but will also enforce new requirements for your organization to participate on any DoD contract. CMMC requires certification by an accredited third party and is pass/fail. Watch Ms. Arrington’s CMMC introduction.

National Cyber Awareness System The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

US CERT/CISA Cyber Announcements highlight recent cybersecurity news including alerts, threats, vulnerabilities, and malicious activity. They also include up-to-date information on available updates and patches for your operating systems.

Defense Federal Acquisition Regulation Supplement: Assessing Contractor Implementation of Cybersecurity Requirements (DFARS Case 2019-D041) DoD is issuing an interim rule to amend the Defense Federal Acquisition Regulation Supplement (DFARS) to implement a DoD Assessment Methodology and Cybersecurity Maturity Model Certification framework in order to assess contractor implementation of cybersecurity requirements and enhance the protection of unclassified information within the DoD supply chain.

SANS – Critical Vulnerability Recap When information security vulnerabilities are identified, the Internet Storm Center (ISC) develops, assembles, and distributes material to help the cyber security community manage these threats. For some of the more critical vulnerabilities, SANS hosts special webcasts led by ISC handlers to provide additional information. On this page, you can read an overview of some of the recent critical vulnerabilities, watch the related webcasts or go to the ISC to learn more about each vulnerability.

hsdl.org | Homeland Security Digital Library at NPS – is the nation’s premier collection of documents related to homeland security policy, strategy, and organizational management. The HSDL is sponsored by the U.S. Department of Homeland Security’s National Preparedness Directorate, FEMA and the Naval Postgraduate School Center for Homeland Defense and Security.