Risk Management Framework: Cybersecurity Compliance for Modeling, Simulation, and Training Systems
(Room S320A)
26 Nov 18
12:45 PM
-
2:15 PM
Cybersecurity, it is everywhere we look in today’s world and when it comes to government systems it commonly evokes fears of insurmountable regulation which ultimately provide little benefit. This tutorial aims to educate the audience with an understanding of the ultimate goals of the Risk Management Framework (RMF) and how it was designed to relieve excessive regulation and costs. An area of focus will be on understanding the requirements for the Cybersecurity RMF and how it applies to modeling, simulation, and training systems. We will detail the reasons for Cybersecurity compliance, the key concepts, and why it is critical for military, government, and even civilian applications. The tutorial will explain the general process of approaching RMF compliance and how the Cybersecurity implementation plans are created and revised in the requirements gathering phases of a project. Using these RMF requirements and concepts, the tutorial will then take it a step further and analyze the documentation deliverables associated with RMF, their purposes, and finally the government processes necessary to submit a system for an Authority-to-Operate decision. Attendees will gain a strong foundational understanding of the Cybersecurity Risk Management Framework and how to apply it in their own programs.