Cybersecurity 101

Online Course for DoD Contractors

Understand the DFARS Cybersecurity Requirements

 

Totem.Tech is offering a seven-week online course for DoD contractors becoming compliant with DFARS/NIST 800-171 cybersecurity requirements.

After you fill out the form, a Totem.Tech associate will contact you about pricing and the enrollment process and will answer any questions you have about the content of our materials. The associate will also apply any promotional code that you have collected!

Totem.Tech’s course readings were created by our cybersecurity engineers and compliance analysts after completing dozens of compliance assessments for DoD customers. Their goal was to provide clarity and practical guidance on many common questions about the compliance process. Here are some of those questions:

• Which DoD contractors need to complete the DFARS cybersecurity requirements?

• How do I get started with becoming compliant with DFARS cybersecurity requirements?

• If I utilize the cloud, am I still required to comply with DFARS cybersecurity requirements?

• What do I show auditors when they ask if my organization is DFARS compliant?

• Why does my organization need an incident response plan?

• What is the Cybersecurity Maturity Model Certification (CMMC)?

Totem.Tech’s Cybersecurity 101 lessons were created with the busy business executive in mind. Our course readings are self-paced and are fully accessible online or printable in PDF format. The last week of the lessons will include a compliance assessment with a Totem.Tech analyst to cover many of the organizational actions from the DFARS/NIST cybersecurity requirements.

1.1 Brief overview of cybersecurity requirements and why they are there.

1.2 Does every Government Contractor have to comply? What is CDI? Do I have any CDI?

1.3 First Step: Segregating or co-mingling CDI with other corporate data.

2.1 Introduction to System Security Plans (SSP).

2.2 FARS 17 – How to prioritize implementation.

2.3 Addressing the other challenging controls.

3.1 Introduction to Plan of Actions and Milestones (POA&M).

3.2 Risk Assessment vs. Control Assessment.

4.1 Proactive doesn’t mean no incidents: Differences between an event, incident, and breach.

4.2 Introduction to Incident Response Plans.

4.3 Incident Response Reporting.

5.1 What is the cloud? Can I use it for DFARS compliance?

5.2 FedRAMP and cloud service security requirements.

5.3 Who is responsible if there is a breach?

6.1 Importance of company buy-in to your cybersecurity policies.

6.2 Where to start? Company training and Authorized Use Policies (AUP).

7.1 Differences between control assessment, vulnerability scanning, pen testing, and risk assessments.

7.2 Schedule risk assessment (included in DFARS Cybersecurity 101 class).