In this episode, Jacob speaks with a panel of information security experts from universities about CMMC and their experience preparing for it!
They discuss security and compliance challenges at universities, the Penn State NIST 800-171 False Claims Act lawsuit, and much more!
Here are some highlights from the episode:
- How universities are different from other types of organizations
- Different compliance requirements for universities
- Who is involved in the execution of a government contract?
- The drivers of cybersecurity compliance at universities
- Thoughts on the Penn State False Claims Act lawsuit
- How to drive positive cybersecurity change at a university
- CUI enclaves at universities
- Areas of CMMC that need clarification
Here are the panelists:
- Jay Gallman - Duke University ( / jay-gallman )
- Kolin Hodgson - Notre Dame ( / kolin-hodgson-cisa-cis... )
- Melissa Kimble - University of Maine ( / melissa-kimble )
- Wendy Epley - University of Arizona ( / wendyepley )
Thanks to our sponsor Keeper Security!
Need a secure file sharing solution? Register for a webinar showing how Defense Contractors can share sensitive information using Keeper: grcacademy.io/ref/keeper/webi...
Start a free 14-day trial of Keeper: grcacademy.io/ref/keeper/b2b-...
See the CMMC controls that Keeper meets: grcacademy.io/ref/keeper/cmmc...
-----------
Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform!
Online GRC Training: grcacademy.io/courses/?...
00:00:00 Beginning
00:00:29 Wendy Epley from the University of Arizona
00:01:21 Melissa Kimble from the University of Maine
00:02:26 Jay Gallman from Duke University
00:03:25 Kolin Hodgson from Notre Dame University
00:04:49 How universities are different from other types of organizations
00:07:44 How universities are structured
00:10:17 Different compliance requirements for universities
00:14:19 Who is involved in the execution of a government contract?
00:19:59 Who is responsible for handling incidents?
00:25:59 The drivers of cybersecurity compliance at universities
00:32:22 Upcoming cyber legislation and regulation
00:36:22 Penn State False Claims Act lawsuit
00:41:24 How to drive positive cybersecurity change at a university
00:46:51 CUI enclaves at universities
00:51:23 Specialized research tools at universities
00:57:44 Are isolated networks a new concept for universities?
01:04:31 System Security Plan (SSP) management
01:06:43 Areas of CMMC that need clarification
01:12:06 Lessons learned
01:15:33 Conclusion
Негізгі бет Ғылым және технология CMMC and Security Compliance in Higher Education
Пікірлер: 7