In this session one of a four part series led by Cara Wulf, we define “cybersecurity” foundations and explain why it matters. We discuss the type of information that must be protected, and the key governing bodies tasked with implementing the patchwork of laws and regulations addressing cybersecurity requirements. We examine the Federal Acquisition Regulation (FAR) and Defense Federal Acquisition Regulation Supplement (DFARS) clauses governing cybersecurity, as well as certain publications of the National Institute of Standards and Technology (NIST), with particular focus on NIST Special Publication (SP) 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations.
2.2.2021