DFARS Cybersecurity Virtual Classroom

Increase your SPRS Score by 200%

How to comply with the CMMC / NIST 800-171 Requirements

Many DoD contractors, suppliers, and vendors who process Controlled Unclassified Information (CUI) have no idea how to comply with the CMMC / NIST 800-171 cybersecurity requirements as listed in the DFARS 252.204-7012 clause.  Even when contractors understand the requirement, they are often resource strapped and cannot dedicate enough time to develop a compliant cybersecurity program.

Totem aims to rectify this situation with a series of short, online, hands-on virtual classes to show DoD contractors how to comply with the CMMC / NIST 800-171 requirement and build a compliant program with limited resources.

Cybersecurity Webinars for DoD Contractors

Next Cohort Starts Feb. 1st, 2021

Classes are 90 minutes and held
Monday, Wednesday, Friday for three consecutive weeks.

Our virtual DFARS classes are led by Totem’s team of seasoned cybersecurity experts, who themselves work for a small business prime DoD contractor. Presentation topics are outlined in the schedule section below and are intended to set the attendee off on the right foot to develop an Information Technology System Security Plan (SSP) commensurate with current DFARS 7012 requirements (NIST 800-171 controls) and future CMMC practice requirements.  Attendees will also learn how to comply with the incident response and reporting requirements for DoD contractors.  Workshop cohort size will be limited to no more than 10 companies to maximize individual Q&A time with our expert instructors.

Tuition for the nine (9) 1.5 hour classes (the 9th session is 2 hours and provides additional time for in-depth Q&A), e-workbook, and 30 days of the Totem Cybersecurity Compliance Management Software is $1,195.


Overview of Requirements   

·       Introduction to Totem.Tech

·       Overview of DFARS/CMMC cybersecurity compliance


Scoping your plan  

·       System Inventory basics

·       System Description workbook introduction


Initial Assessment  

·       The DoD 800-171 Assessment Methodology


Building an SSP (Part 1)  

·       System Security Plan (SSP) requirements

·       Introduction to Cybersecurity Program Planning


Building an SSP (Part 2)  

·       Principles of quality cybersecurity policies

·       Addressing the FAR 17


Building an SSP (Part 3)  

·       Addressing other challenging control families


Incident Response Planning (Part 1)  

·       Reporting Incidents—procuring an ECA certificate

·       Incident Response Plan Basics


Incident Response Planning (Part 2) 

·       Exercising your Incident Response Plan


Closing the gaps

·       Developing and executing a Plan of Actions and Milestones (POA&M)

·       Answer lingering questions


By participating in all of these virtual classes, the attendee will:

Understand the requirements for a DoD contractor cybersecurity program

Understand how the DoD intends to assess and certify cybersecurity programs for compliance

Begin building a System Security Plan (SSP) as a set of “blueprints” for their organization’s cybersecurity program

Begin developing a compliant and efficient cyber Incident Response capability within their organization

Understand how to develop and execute corrective action plans to fix gaps between current state of cybersecurity plan implementation and that outlined in the SSP

Next Cohort Starts Feb. 1st, 2021

Classes are 90 minutes and held
Monday, Wednesday, Friday for three consecutive weeks.