Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations

Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations.  May 22, 2017 9:14 AM.   Join PACE TULSA NOW…TEXT:  PACEPAC  TO:  22828 OR Register |  Lost your password?.  feed-icon-28x28

Picture1

Attention DoD contractors: NIST’s SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations was revised in December 2016. The revision has produced new requirements, added clarifications, and created many discussion points. This webinar will explain in detail the changes contained in SP 800-171 revision 1 and various FAR/DFAR hooks into the document, impacts it has on your organization, and how you can continue to implement its IA guidelines.

Join the Discussion and Ask a Question about the revision   View More CSIAC Resources on This Topic

Watch the Recorded Webinar

Presenter:

Mr. Wade Kastorff

Mr. Wade Kastorff is employed by SRC, Inc as a Security Systems Engineer responsible for life-cycle enterprise scale information assurance for both government and commercial organizations. For over 15 years Mr. Kastorff has been involved with the development of enterprise information assurance strategy, information assurance assessment planning and execution, transition of legacy systems to current risk management framework, and evaluation of proposed information systems impact to the current and future enterprise information security baseline. He is a Certified Information Systems Security Professional and has also earned several SANS Institute certifications including Advanced Incident Handling and Advanced Hacker Techniques and System Forensics, Investigations, and Response.

+ GOOGLE CALENDAR+ ICAL EXPORT

Cyberwarfare:

Benjamin Foulois Cyber Proving Ground – 24th Air Force

Since 2015, the 24th Air Force (24 AF) and Air Force Life Cycle Management Center (AFLCMC) have been working to establish a Cyber Proving Ground (CPG), located at Joint Base San Antonio-Lackland, Texas, in support of the 24 AF’s cyber missions and cyber weapon systems, and associated touch points of the 25 AF missions.

What Tallinn Manual 2.0 Teaches Us About The New Cyber Order – Forbes

Appropriately named “Tallinn Manual 2.0: International Law Applicable to Cyber Operations,” the new book offers a fascinating look at how far the cyber threat landscape has evolved in the less than half decade since the first version’s release in 2013, shifting the focus from conventional state-authorized and operated cyber warfare to the small-bore deniable cyber activities that form the majority of day-to-day cyber attacks today.

For the US Army, ‘Cyber War’ Is Quickly Becoming Just ‘War’ – Defense One

The Army, which already has 30 cyber teams at full operational capability and 11 more at initial operating capability, is aiming to have 41 fully operational teams by year’s end.

Data Security:

JavaScript-Based ASLR Bypass Attack Simplifies Browser Exploits – NetworkWorld

Researchers have devised a new attack that can bypass one of the main exploit mitigations in browsers: address space layout randomization (ASLR). The attack takes advantage of how modern processors cache memory and, because it doesn’t rely on a software bug, fixing the problem is not easy.

Fileless Memory-Based Malware Plagues 140 Banks, Enterprises – ThreatPost

Attackers have been using well-known, standard utilities to carry out attacks on organizations around the world, and covering their tracks by wiping their activity from the machine’s memory before its rebooted.

Industrial Control Systems Security:

Meet LogicLocker: Boffin-Built SCADA Ransomware – The Register

Let’s start with the “calm down” part of the article: yes, LogicLocker is ransomware designed for programmable logic controllers, but no, the cyber-geddon isn’t upon us.

Internet-of-Things:

Chip Could Make Voice Control Ubiquitous in Electronics – ScienceDaily

In anticipation of the age of voice-controlled electronics, MIT researchers have built a low-power chip specialized for automatic speech recognition. Whereas a cellphone running speech-recognition software might require about 1 watt of power, the new chip requires between 0.2 and 10 milliwatts, depending on the number of words it has to recognize.

Legislation:

CYBERSECURITY: Actions Needed to Strengthen U.S. Capabilities – Government Accountability Office (GAO)

GAO has consistently identified shortcomings in the federal government’s approach to ensuring the security of federal information systems and cyber critical infrastructure as well as its approach to protecting the privacy of personally identifiable information (PII).

Mobile Security:

Apple iCloud Hoards ‘Deleted’ Browser History Going Back More Than a Year – Forbes

If you think clearing your web browsing history on your iPhone or Mac is going to make your online habits permanently disappear, you’d be wrong. Very wrong. According to the CEO of Russian hacking tool creator Elcomsoft, Apple is storing Safari histories in the iCloud going back more than a year, possibly much longer, even where the user has asked for them to be wiped from memory.

Network Security:

UnifyID’s Ingenious User Authentication Platform Wins Innovation Sandbox Contest – HelpNetSecurity

The UnifyID product consists of an app that runs on users’ devices as well as a cloud service. The local apps periodically collect sensor data from the local device, process it, and communicate with the cloud service.

Quantum Computing:

High-Dimensional Quantum Cloning and Applications to Quantum Hacking – Science Advances

Attempts at cloning a quantum system result in the introduction of imperfections in the state of the copies. This is a consequence of the no-cloning theorem, which is a fundamental law of quantum physics and the backbone of security for quantum communications. Although perfect copies are prohibited, a quantum state may be copied with maximal accuracy via various optimal cloning schemes.

 Take part in our online Survey

sponsors

6

COPYRIGHT | 2017 ©PACE AGS FOUNDATION. “Pedestrian Awareness Crosswalk Education is an online think-tank intersecting awareness of public transportation policy in the United States.”

UA-92208558-1

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s