For those who work for the DoD or DHS
I need to know from a software vendor perspective. How do I:
Determine the Vendor Policies for the specific department in regards to cyber security.
For example: According to DIARMF I need to: Categorize the system with FIPS 199, I then need to Select controls from CNSSI 1253, Implement controls with 800-53A, perform A&A with 800-37, and Continuous monitoring with 800-137.
So what would I do for a DHS, Federal Government, NERC, etc.? I have an interview coming up and this is my weak area. I get the DIARMF and have run through the process but I am weak on DHS, Fed, NERC guidelines.
In my new role I would be responsible for coordinating certification and incident response with the Federal government.
Thanks,
-Phil
Read my blog @ www.buildingautomationmonthly.com
Connect with me on LinkedIn @ https://www.linkedin.com/in/phillipzito