FIPS Validated Encryption – a CMMC Compliance Requirement

Abstract:

NMC will break-down exactly what FIPS-validated encryption means, when to apply it, and more importantly when you don’t need to apply it.

Description:

Do you hear the term FIPS-validated encryption and immediately tune out?  Do you have a purchase request sitting on your desk for new firewall, routers, wireless access points and/or switches which support FIPS-validated encryption to meet CMMC compliance?  Do you think all encryption in your network must be FIPS-validated to pass CMMC?  If so, this webinar is for you.

 The cybersecurity experts at the NMC will break down exactly what FIPS-validated encryption means, when to apply it, and more importantly when you don’t need to apply it.  Working off our previous webinar where the team evaluated different infrastructure setups (enterprise, enclave, or cloud) we all address some common solutions, and advantages/disadvantages each bring to the table.  The term “FIPS-validated” appears 24 times the CMMC Level 2 assessment guide, so we’ll also ask the resident NMC CMMC Lead Assessor what they’re looking for during a Level 2 CMMC Assessment.

Who Should Attend:

• CIO’s
• IT Staff
• Cybersecurity staff
• Outside Managed Service Providers

When:

Register here. 

About the NMC Cybersecurity Task Force: 

 The Naval & Maritime Consortium (NMC) Cybersecurity Task Force exists to enhance the cybersecurity posture and resilience of the maritime supply chain and its associated industries. Through education, the establishment of best practices, and providing a roadmap toward Cybersecurity Maturity Model Certification (CMMC), the CSTF ensures that NMC members are prepared to meet the evolving cybersecurity requirements necessary for participating in the Submarine Industrial Base, defense and maritime industries.

About Our Presenters: 

Joe Kurlanski

With over 25 years’ experience in IT and information security, Joe Kurlanski has developed sustainable risk management and information security programs for hospitals, banks, credit unions, Department of Defense contractors, and businesses of all sizes. Joe founded Monarch Information Security Consulting in 2014 expressly to meet the unique needs of businesses grappling with today’s myriad laws, regulations and data security challenges. He holds a CISSP® certification from ISC2©, and is a Certified Assessor (CA), Provisional Instructor (PI) and Registered Practitioner (RP) with the Cyber-AB.

Rich Moore

Rich Moore began his career developing the foundation of his operational and technical skills during his 15 years of military service with the U.S. Marine Corps Intelligence Community.

He continued his passion for protecting information and creating sound cyber risk practices when he transitioned to the private sector, as a consultant with KPMG providing security services for various public, private, and governmental institutions and subsequently assumed a senior leadership role with the Royal Bank of Scotland - Americas leading the institution’s regulatory and data protection programs and building the Cyber Intelligence and Cyber Risk program.

Prior to founding CyberSix, Rich served as the Managing Director of Global Cyber Risk Services at Alvarez and Marsal and as the Chief Information Security Officer at New York Life Insurance Company. In these roles, he implemented an agile and transformational Information security program that fostered an integrated “Intelligence and Risk” culture and program, providing executive management with a business focused view of the company’s cyber risks landscape. As part of the “Intelligence and Risk” program, he was accountable for leading and collaborating with a group of cross-functional executives in enhancing the company’s overall cyber and operational risk management capabilities. He was responsible for leading complex technical and operational mitigation efforts associated with the company’s threat landscape and regulatory matters.

Rich has served on numerous industry and client advisory boards and has been an Adjunct Professor at Salve Regina University and at Northeastern University Graduate Information Assurance programs. In addition to his University lectures, Mr. Moore is frequently a featured speaker at numerous industry conferences and a contributing author of Information Security books and articles. Mr. Moore earned a masters in information assurance from Norwich University. Currently, he sits on two academic advisory boards and a few advisory boards for cybersecurity technologies.

Mira Aslanova

Mira Aslanova has expertise in cybersecurity, particularly in the Risk Management Framework (RMF) processes for secret subsystems and developmental environments for the US Navy through Electric Boat. She has designed cybersecurity solutions for federal tactical and prototype environments, applying NIST SP 800-53 security controls. Mira now specializes in helping companies in the Defense Industrial Base (DIB) achieve CMMC certification. She has experience designing security solutions for unique environments, creating security policies, conducting gap assessments, performing vulnerability scans, and consulting organizations interested in gaining their CMMC certification.