Institute For Supply Management - Understanding Federal ProcurementJSchaus & Associates
Federal Procurement rules, nuances and best practices presented by Jennifer Schaus to the ISM, Institute For Supply Management.
More info:
hello@jenniferschaus.com
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/user/Schausjennifer/feed
SubContracting Opportunities - Department Of Health and Human ServicesJSchaus & Associates
Join Jennifer Schaus & Associates in this webinar series on SubContracting Opportunities at The Department Of Health and Human Services.
Webinars are complimentary and recorded. Hear about the top prime vendors, contract trends, marketing and legal best practices. Get links to contacts, forecast and small business offices.
Questions? hello@JenniferSchaus.com
Audio/Video Youtube link: COMING SOON
Please join Jennifer Schaus & Associates every Wednesday Friday in 2022 for a complimentary webinar series. See the full recording on our YouTube Channel https://www.youtube.com/channel/UCYvCaZcAvSYYEAZCqj2CQ9g and full schedule on our website: https://www.jenniferschaus.com/far-supplements
For more information about our federal contracting services please contact us at hello@jenniferschaus.com
Win more federal government contracts!
Join Jennifer Schaus & Associates in this webinar series on SubContracting Opportunities at The Department Of Energy.
Webinars are complimentary and recorded. Hear about the top prime vendors, contract trends, marketing and legal best practices. Get links to contacts, forecast and small business offices.
Questions? hello@JenniferSchaus.com
Audio/Video Youtube link: COMING SOON
Please join Jennifer Schaus & Associates every Wednesday Friday in 2022 for a complimentary webinar series. See the full recording on our YouTube Channel https://www.youtube.com/channel/UCYvCaZcAvSYYEAZCqj2CQ9g and full schedule on our website: https://www.jenniferschaus.com/far-supplements
For more information about our federal contracting services please contact us at hello@jenniferschaus.com
Win more federal government contracts!
Join us in this complimentary webinar series of 2022 covering SUBCONTRACTING.
We will uncover (1) The Top Vendors within the 15 Federal Departments, (2) Sub-Contracting opportunities, (3) Contracting trends for small businesses and (4) legal considerations for Sub-Contractors.
This series is complimentary and recorded.
Please find our recordings on YOUTUBE and on our website.
This series runs for 15 consecutive Wednesdays at 12pm EST from 09/07/2022 - 12/14/2022
SPONSORSHIP / ADVERTISING OPPORTUNITIES ARE AVAILABLE.
Please contact hello@jenniferschaus.com for a MEDIA KIT and Pricing.
THANK YOU for your interest in our webinars.
hello@jenniferschaus.com
Microsoft Cloud Identity and Access Management Poster - AtidanDavid J Rosenthal
Unlock the power of the cloud with enterprise-level identity services for all your cloud apps.
AZURE ACTIVE DIRECTORY
Use Azure Active Directory (Azure AD) at
global scale to centrally manage employee
access and provide single sign-on to
Microsoft services such as Azure, Office 365,
Dynamics CRM, Windows Intune, and
thousands of non-Microsoft cloud apps
MULTI-FACTOR AUTHENTICATION
Use Multi-Factor Authentication to protect
access to sensitive company information
and to help protect your organization from
malicious attacks.
Institute For Supply Management - Understanding Federal ProcurementJSchaus & Associates
Federal Procurement rules, nuances and best practices presented by Jennifer Schaus to the ISM, Institute For Supply Management.
More info:
hello@jenniferschaus.com
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/user/Schausjennifer/feed
SubContracting Opportunities - Department Of Health and Human ServicesJSchaus & Associates
Join Jennifer Schaus & Associates in this webinar series on SubContracting Opportunities at The Department Of Health and Human Services.
Webinars are complimentary and recorded. Hear about the top prime vendors, contract trends, marketing and legal best practices. Get links to contacts, forecast and small business offices.
Questions? hello@JenniferSchaus.com
Audio/Video Youtube link: COMING SOON
Please join Jennifer Schaus & Associates every Wednesday Friday in 2022 for a complimentary webinar series. See the full recording on our YouTube Channel https://www.youtube.com/channel/UCYvCaZcAvSYYEAZCqj2CQ9g and full schedule on our website: https://www.jenniferschaus.com/far-supplements
For more information about our federal contracting services please contact us at hello@jenniferschaus.com
Win more federal government contracts!
Join Jennifer Schaus & Associates in this webinar series on SubContracting Opportunities at The Department Of Energy.
Webinars are complimentary and recorded. Hear about the top prime vendors, contract trends, marketing and legal best practices. Get links to contacts, forecast and small business offices.
Questions? hello@JenniferSchaus.com
Audio/Video Youtube link: COMING SOON
Please join Jennifer Schaus & Associates every Wednesday Friday in 2022 for a complimentary webinar series. See the full recording on our YouTube Channel https://www.youtube.com/channel/UCYvCaZcAvSYYEAZCqj2CQ9g and full schedule on our website: https://www.jenniferschaus.com/far-supplements
For more information about our federal contracting services please contact us at hello@jenniferschaus.com
Win more federal government contracts!
Join us in this complimentary webinar series of 2022 covering SUBCONTRACTING.
We will uncover (1) The Top Vendors within the 15 Federal Departments, (2) Sub-Contracting opportunities, (3) Contracting trends for small businesses and (4) legal considerations for Sub-Contractors.
This series is complimentary and recorded.
Please find our recordings on YOUTUBE and on our website.
This series runs for 15 consecutive Wednesdays at 12pm EST from 09/07/2022 - 12/14/2022
SPONSORSHIP / ADVERTISING OPPORTUNITIES ARE AVAILABLE.
Please contact hello@jenniferschaus.com for a MEDIA KIT and Pricing.
THANK YOU for your interest in our webinars.
hello@jenniferschaus.com
Microsoft Cloud Identity and Access Management Poster - AtidanDavid J Rosenthal
Unlock the power of the cloud with enterprise-level identity services for all your cloud apps.
AZURE ACTIVE DIRECTORY
Use Azure Active Directory (Azure AD) at
global scale to centrally manage employee
access and provide single sign-on to
Microsoft services such as Azure, Office 365,
Dynamics CRM, Windows Intune, and
thousands of non-Microsoft cloud apps
MULTI-FACTOR AUTHENTICATION
Use Multi-Factor Authentication to protect
access to sensitive company information
and to help protect your organization from
malicious attacks.
Data Catalogs Are the Answer – What Is the Question?DATAVERSITY
Organizations with governed metadata made available through their data catalog can answer questions their people have about the organization’s data. These organizations get more value from their data, protect their data better, gain improved ROI from data-centric projects and programs, and have more confidence in their most strategic data.
Join Bob Seiner for this lively webinar where he will talk about the value of a data catalog and how to build the use of the catalog into your stewards’ daily routines. Bob will share how the tool must be positioned for success and viewed as a must-have resource that is a steppingstone and catalyst to governed data across the organization.
In this webinar, Bob will focus on:
-Selecting the appropriate metadata to govern
-The business and technical value of a data catalog
-Building the catalog into people’s routines
-Positioning the data catalog for success
-Questions the data catalog can answer
Please join Jennifer Schaus & Associates in our COMPLIMENTARY Webinar Series in 2023.
ALL WEBINARS ARE COMPLIMENTARY & RECORDED.
Please find the recordings on our YOUTUBE Channel, along with 500+ government contracting webinars.
In 2023, we will profile the TOP 40 FEDERAL GOVERNMENT CONTRACTORS, including:
- Company Profile;
- Small Business Liaison Contact Details
- Company Contract Trends - Defense vs Civilian
- Subcontracting Opportunities
- Other Relevant Information
SPONSORSHIP / ADVERTISING OPPORTUNITIES AVAILABLE! PLEASE EMAIL hello@jenniferschaus.com for a MEDIA KIT.
Thank You For Registering. Please tell a colleague or friend!
Please join Jennifer Schaus & Associates every Wednesday Friday in 2022 for a complimentary webinar series. See the full recording on our YouTube Channel https://www.youtube.com/channel/UCYvCaZcAvSYYEAZCqj2CQ9g and full schedule on our website: https://www.jenniferschaus.com/far-supplements
For more information about our federal contracting services please contact us at hello@jenniferschaus.com
Win more federal government contracts!
Join CCG for our Data Governance (DG) Workshop where CCG will introduce their Data Governance methodology and framework that enables organizations to assess DG faster, deriving actionable insights that can be quickly implemented with minimal disruption. CCG will also discuss how Microsoft Azure Solutions can be leveraged to build a strong foundation for governed data insights.
Many significant business initiatives and large IT projects depend upon a successful data migration. Your goal is to minimize as much risk as possible through effective planning and scoping. This paper will provide insight into what issues are unique to data migration projects and offer advice on how to best approach them.
Join J Schaus & Associates in a complimentary webinar on SUBCONTRACTING.
This webinar kicks off our 2023 Government Contracting Webinar Series on Wednesdays at 12pm Eastern.
The on-going WEBINAR SERIES will profile the TOP 40 FEDERAL CONTRACTORS, including subcontracting opportunities, small business liaison outreach, and more over the course of 40 weeks (FEB 8 - NOV 15, 2023)
Please register for THE TOP 40 Webinar Series on our website at: https://www.jenniferschaus.com/top40
Sponsorship/Advertising Opportunities are available.
Wednesday, FEB 1st, Webinar: "SUBCONTRACTING WITH THE PRIMES"
We will uncover subcontracting best practices related to research, strategy, marketing, legal, pricing and compliance.
Industry leaders will be our guest speakers and offer advice, tips and areas to avoid.
AGENDA:
12.00 - 12.05: Introductions - Jennifer Schaus
12.05 - 12.35: Subcontracting MARKET RESEARCH (Jim Sherwood & Ashley Duwel)
12.35 - 1.05: Subcontracting STRATEGIES (Tan Wilson & Jim Bender)
1.05 - 1.35: Subcontracting MARKETING / BUSINESS DEVELOPMENT (Mark Amtower & Chelsea Meggitt)
1.35 - 2.05: Subcontracting LEGAL (Susan Ebner & Jody Reed)
2.05 - 2.35: Subcontracting PRICING (Marsha Lindquist & Michael Gallo)
2.35 - 3.05: Subcontracting COMPLIANCE (Dolores Kuchina-Musina & Jeff Shapiro)
3.05 - 3.10: Closing Remarks - Jennifer Schaus
COMPLIMENTARY & RECORDED
Data Migration Strategies PowerPoint Presentation SlidesSlideTeam
Data migration is a key consideration of any system implementation. Discuss the data transfer plans with this content ready Data Migration Strategies PowerPoint Presentation Slides. Data transformation plan PowerPoint complete deck is a systematic presentation which includes PPT slides such as data migration approach, steps, a simplified illustration of data migration steps, lifecycle, process, data migration on the cloud, and many more. Besides this, data transfer plan PPT slides are apt to present related concepts like data conversion, data curation, data preservation, system migration to name a few. The content ready information transfer PPT visuals are fully editable. You can modify, color, text, and font size. It has relevant templates to cater to your business needs. Outline all the important concepts without any hassle. Showcase the process of selecting, preparing, extracting and transforming data using this professionally designed information migration plan presentation design.
Finding the perfect data governance environment is an elusive target. It’s important to govern to the least extent necessary in order to achieve the greatest common good. With the three data governance cultures, authoritarian, tribal, and democratic, the latter is best for a balanced, productive governance strategy.
The Triple Aim of data governance is: 1) ensuring data quality, 2) building data literacy, and 3) maximizing data exploitation for the organization’s benefit. The overall strategy should be guided by these three principles under the guidance of the data governance committee.
Data governance committees need to be sponsored at the executive board and leadership level, with supporting roles defined for data stewards, data architects, database and systems administrators, and data analysts. Data governance committees need to avoid the most common failure modes: wandering, technical overkill, political infighting, and bureaucratic red tape.
Healthcare organizations that are undergoing analytics adoption will also go through six phases of data governance including: 1) establishing the tone for becoming a data-driven organization, 2) providing access to data, 3) establishing data stewards, 4) establishing a data quality program, 5) exploiting data for the benefit of the organization, 6) the strategic acquisition of data to benefit the organization.
As U.S. healthcare moves into its next stage of evolution, the organizations that will survive and thrive will be those who most effectively acquire, analyze, and utilize their data to its fullest extent. Such is the mission of data governance.
The Data Driven University - Automating Data Governance and Stewardship in Au...Pieter De Leenheer
Data Governance and Stewardship requires automation of business semantics management at its nucleus, in order to achieve data trust between business and IT communities in the organization. University divisions operate highly autonomously and decentralized, and are often geographically distributed. Hence, they benefit more from an collaborative and agile approach to Data Governance and Stewardship approach that adapts to its nature.
In this lecture, we start by reviewing 'C' in ICT and reflect on the dilemma: what is the most important quality of data being shared: truth or trust? We review the wide spectrum of business semantics. We visit the different phases of growing data pain as an organization expands, and we map each phase on this spectrum of semantics.
Next, we introduce our principles and framework for business semantics management to support Data Governance and Stewardship focusing on the structural (what), processual (how) and organizational (who) components. We illustrate with use cases from Stanford University, George Washington University and Public Science and Innovation Administrations.
Where Data Architecture and Data Governance CollideDATAVERSITY
While collide is perhaps a strong term to use to describe the key area where Data Architecture and Data Governance interact, it does provide motivation to perhaps calm the traffic and avoid further collisions. In order to harmoniously interact, architecture and governance must literally be working from the same diagram (singing from the same sheet of music). The worst time to try to accomplish this is on a short-term decision. Better still to educate each group to the function of the other and major issues upcoming. A shared Data Literacy exercise can provide a good starting point.
Learning objectives:
- Gaining a good understanding of both important topics, each’s relationship to the other, and what is required for each to be successful
- Not to have the first conversation be the important one
- Coordination is key requiring necessary interdependencies and sequencing
- Integration challenges can be valued, assisting shared priority development
In the past few years, the term "data lake" has leaked into our lexicon. But what exactly IS a data lake? Some IT managers confuse data lakes with data warehouses. Some people think data lakes replace data warehouses. Both of these conclusions are false. Their is room in your data architecture for both data lakes and data warehouses. They both have different use cases and those use cases can be complementary.
Todd Reichmuth, Solutions Engineer with Snowflake Computing, has spent the past 18 years in the world of Data Warehousing and Big Data. He spent that time at Netezza and then later at IBM Data. Earlier in 2018 making the jump to the cloud at Snowflake Computing.
Mike Myer, Sales Director with Snowflake Computing, has spent the past 6 years in the world of Security and looking to drive awareness to better Data Warehousing and Big Data solutions available! Was previously at local tech companies FireMon and Lockpath and decided to join Snowflake due to the disruptive technology that's truly helping folks in the Big Data world on a day to day basis.
Data Mesh is the decentralized architecture where your units of architecture is a domain driven data set that is treated as a product owned by domains or teams that most intimately know that data either creating it or they are consuming it and re-sharing it and allocated specific roles that have the accountability and the responsibility to provide that data as a product abstracting away complexity into infrastructure layer a self-serve infrastructure layer so that create these products more much more easily.
Big data requires service that can orchestrate and operationalize processes to refine the enormous stores of raw data into actionable business insights. Azure Data Factory is a managed cloud service that's built for these complex hybrid extract-transform-load (ETL), extract-load-transform (ELT), and data integration projects.
Keeping the Pulse of Your Data – Why You Need Data Observability to Improve D...DATAVERSITY
With the explosive growth of DataOps to drive faster and more confident business decisions, proactively understanding the quality and health of your data is more important than ever. Data observability is an emerging discipline within data quality used to expose anomalies in data by continuously monitoring and testing data using artificial intelligence and machine learning to trigger alerts when issues are discovered.
Join Julie Skeen and Shalaish Koul from Precisely, to learn how data observability can be used as part of a DataOps strategy to improve data quality and reliability and to prevent data issues from wreaking havoc on your analytics and ensure that your organization can confidently rely on the data used for advanced analytics and business intelligence.
Topics you will hear addressed in this webinar:
Data observability – what is it and how it can complement your data quality strategy
Why now is the time to incorporate data observability into your DataOps strategy
How data observability helps prevent data issues from impacting downstream analytics
Examples of how data observability can be used to prevent real-world issues
Linking Data Governance to Business GoalsPrecisely
The importance of data to businesses has increased exponentially over recent years as companies seek benefits such as gains in efficiency, the ability to respond to growing privacy regulations scale quickly and increased and increase customer loyalty.
Despite being a vital part of any Data Transformation, Data Governance has sometimes been misrepresented as a restrictive and controlling process leaving governance leaders having to continually make the case for business buy-in.
In this on-demand webinar we will explore the concept of business-first Data Governance, an approach that promotes adoption by the organisation, lays the foundation for data integrity and consistently delivers business value in the long term.
Creating an Effective Roadmap for Your Cloud Journey (ENT225-R1) - AWS re:Inv...Amazon Web Services
The Cloud Journey Workshop is an experiential session that works through a representative use case of a company's cloud adoption journey. In this session, participants divide into teams, and each team makes practical recommendations for how to plan and execute their journey to the cloud so they can meet business expectations. By participating, you learn best practices on organization transformation, cloud foundations establishment, migration methodology, and application landscape optimization from AWS facilitators. You also have the opportunity to share tips with other AWS customers to make your cloud journey successful.
Government Technology & Services Coalition & InfraGard NCR's Program: Cyber Security: Securing the Federal Cyber Domain by Strengthening Public-Private Partnership
Presentation: Cybersecurity for Government Contractors
Presenter: Robert Nichols, Partner, Covington & Burling LLP
Why does DFARS exist?
Current requirements for companies with Controlled Unclassified Information (CUI) or DoD Covered Defense Information (CDI)
What is CMMC?
Data Catalogs Are the Answer – What Is the Question?DATAVERSITY
Organizations with governed metadata made available through their data catalog can answer questions their people have about the organization’s data. These organizations get more value from their data, protect their data better, gain improved ROI from data-centric projects and programs, and have more confidence in their most strategic data.
Join Bob Seiner for this lively webinar where he will talk about the value of a data catalog and how to build the use of the catalog into your stewards’ daily routines. Bob will share how the tool must be positioned for success and viewed as a must-have resource that is a steppingstone and catalyst to governed data across the organization.
In this webinar, Bob will focus on:
-Selecting the appropriate metadata to govern
-The business and technical value of a data catalog
-Building the catalog into people’s routines
-Positioning the data catalog for success
-Questions the data catalog can answer
Please join Jennifer Schaus & Associates in our COMPLIMENTARY Webinar Series in 2023.
ALL WEBINARS ARE COMPLIMENTARY & RECORDED.
Please find the recordings on our YOUTUBE Channel, along with 500+ government contracting webinars.
In 2023, we will profile the TOP 40 FEDERAL GOVERNMENT CONTRACTORS, including:
- Company Profile;
- Small Business Liaison Contact Details
- Company Contract Trends - Defense vs Civilian
- Subcontracting Opportunities
- Other Relevant Information
SPONSORSHIP / ADVERTISING OPPORTUNITIES AVAILABLE! PLEASE EMAIL hello@jenniferschaus.com for a MEDIA KIT.
Thank You For Registering. Please tell a colleague or friend!
Please join Jennifer Schaus & Associates every Wednesday Friday in 2022 for a complimentary webinar series. See the full recording on our YouTube Channel https://www.youtube.com/channel/UCYvCaZcAvSYYEAZCqj2CQ9g and full schedule on our website: https://www.jenniferschaus.com/far-supplements
For more information about our federal contracting services please contact us at hello@jenniferschaus.com
Win more federal government contracts!
Join CCG for our Data Governance (DG) Workshop where CCG will introduce their Data Governance methodology and framework that enables organizations to assess DG faster, deriving actionable insights that can be quickly implemented with minimal disruption. CCG will also discuss how Microsoft Azure Solutions can be leveraged to build a strong foundation for governed data insights.
Many significant business initiatives and large IT projects depend upon a successful data migration. Your goal is to minimize as much risk as possible through effective planning and scoping. This paper will provide insight into what issues are unique to data migration projects and offer advice on how to best approach them.
Join J Schaus & Associates in a complimentary webinar on SUBCONTRACTING.
This webinar kicks off our 2023 Government Contracting Webinar Series on Wednesdays at 12pm Eastern.
The on-going WEBINAR SERIES will profile the TOP 40 FEDERAL CONTRACTORS, including subcontracting opportunities, small business liaison outreach, and more over the course of 40 weeks (FEB 8 - NOV 15, 2023)
Please register for THE TOP 40 Webinar Series on our website at: https://www.jenniferschaus.com/top40
Sponsorship/Advertising Opportunities are available.
Wednesday, FEB 1st, Webinar: "SUBCONTRACTING WITH THE PRIMES"
We will uncover subcontracting best practices related to research, strategy, marketing, legal, pricing and compliance.
Industry leaders will be our guest speakers and offer advice, tips and areas to avoid.
AGENDA:
12.00 - 12.05: Introductions - Jennifer Schaus
12.05 - 12.35: Subcontracting MARKET RESEARCH (Jim Sherwood & Ashley Duwel)
12.35 - 1.05: Subcontracting STRATEGIES (Tan Wilson & Jim Bender)
1.05 - 1.35: Subcontracting MARKETING / BUSINESS DEVELOPMENT (Mark Amtower & Chelsea Meggitt)
1.35 - 2.05: Subcontracting LEGAL (Susan Ebner & Jody Reed)
2.05 - 2.35: Subcontracting PRICING (Marsha Lindquist & Michael Gallo)
2.35 - 3.05: Subcontracting COMPLIANCE (Dolores Kuchina-Musina & Jeff Shapiro)
3.05 - 3.10: Closing Remarks - Jennifer Schaus
COMPLIMENTARY & RECORDED
Data Migration Strategies PowerPoint Presentation SlidesSlideTeam
Data migration is a key consideration of any system implementation. Discuss the data transfer plans with this content ready Data Migration Strategies PowerPoint Presentation Slides. Data transformation plan PowerPoint complete deck is a systematic presentation which includes PPT slides such as data migration approach, steps, a simplified illustration of data migration steps, lifecycle, process, data migration on the cloud, and many more. Besides this, data transfer plan PPT slides are apt to present related concepts like data conversion, data curation, data preservation, system migration to name a few. The content ready information transfer PPT visuals are fully editable. You can modify, color, text, and font size. It has relevant templates to cater to your business needs. Outline all the important concepts without any hassle. Showcase the process of selecting, preparing, extracting and transforming data using this professionally designed information migration plan presentation design.
Finding the perfect data governance environment is an elusive target. It’s important to govern to the least extent necessary in order to achieve the greatest common good. With the three data governance cultures, authoritarian, tribal, and democratic, the latter is best for a balanced, productive governance strategy.
The Triple Aim of data governance is: 1) ensuring data quality, 2) building data literacy, and 3) maximizing data exploitation for the organization’s benefit. The overall strategy should be guided by these three principles under the guidance of the data governance committee.
Data governance committees need to be sponsored at the executive board and leadership level, with supporting roles defined for data stewards, data architects, database and systems administrators, and data analysts. Data governance committees need to avoid the most common failure modes: wandering, technical overkill, political infighting, and bureaucratic red tape.
Healthcare organizations that are undergoing analytics adoption will also go through six phases of data governance including: 1) establishing the tone for becoming a data-driven organization, 2) providing access to data, 3) establishing data stewards, 4) establishing a data quality program, 5) exploiting data for the benefit of the organization, 6) the strategic acquisition of data to benefit the organization.
As U.S. healthcare moves into its next stage of evolution, the organizations that will survive and thrive will be those who most effectively acquire, analyze, and utilize their data to its fullest extent. Such is the mission of data governance.
The Data Driven University - Automating Data Governance and Stewardship in Au...Pieter De Leenheer
Data Governance and Stewardship requires automation of business semantics management at its nucleus, in order to achieve data trust between business and IT communities in the organization. University divisions operate highly autonomously and decentralized, and are often geographically distributed. Hence, they benefit more from an collaborative and agile approach to Data Governance and Stewardship approach that adapts to its nature.
In this lecture, we start by reviewing 'C' in ICT and reflect on the dilemma: what is the most important quality of data being shared: truth or trust? We review the wide spectrum of business semantics. We visit the different phases of growing data pain as an organization expands, and we map each phase on this spectrum of semantics.
Next, we introduce our principles and framework for business semantics management to support Data Governance and Stewardship focusing on the structural (what), processual (how) and organizational (who) components. We illustrate with use cases from Stanford University, George Washington University and Public Science and Innovation Administrations.
Where Data Architecture and Data Governance CollideDATAVERSITY
While collide is perhaps a strong term to use to describe the key area where Data Architecture and Data Governance interact, it does provide motivation to perhaps calm the traffic and avoid further collisions. In order to harmoniously interact, architecture and governance must literally be working from the same diagram (singing from the same sheet of music). The worst time to try to accomplish this is on a short-term decision. Better still to educate each group to the function of the other and major issues upcoming. A shared Data Literacy exercise can provide a good starting point.
Learning objectives:
- Gaining a good understanding of both important topics, each’s relationship to the other, and what is required for each to be successful
- Not to have the first conversation be the important one
- Coordination is key requiring necessary interdependencies and sequencing
- Integration challenges can be valued, assisting shared priority development
In the past few years, the term "data lake" has leaked into our lexicon. But what exactly IS a data lake? Some IT managers confuse data lakes with data warehouses. Some people think data lakes replace data warehouses. Both of these conclusions are false. Their is room in your data architecture for both data lakes and data warehouses. They both have different use cases and those use cases can be complementary.
Todd Reichmuth, Solutions Engineer with Snowflake Computing, has spent the past 18 years in the world of Data Warehousing and Big Data. He spent that time at Netezza and then later at IBM Data. Earlier in 2018 making the jump to the cloud at Snowflake Computing.
Mike Myer, Sales Director with Snowflake Computing, has spent the past 6 years in the world of Security and looking to drive awareness to better Data Warehousing and Big Data solutions available! Was previously at local tech companies FireMon and Lockpath and decided to join Snowflake due to the disruptive technology that's truly helping folks in the Big Data world on a day to day basis.
Data Mesh is the decentralized architecture where your units of architecture is a domain driven data set that is treated as a product owned by domains or teams that most intimately know that data either creating it or they are consuming it and re-sharing it and allocated specific roles that have the accountability and the responsibility to provide that data as a product abstracting away complexity into infrastructure layer a self-serve infrastructure layer so that create these products more much more easily.
Big data requires service that can orchestrate and operationalize processes to refine the enormous stores of raw data into actionable business insights. Azure Data Factory is a managed cloud service that's built for these complex hybrid extract-transform-load (ETL), extract-load-transform (ELT), and data integration projects.
Keeping the Pulse of Your Data – Why You Need Data Observability to Improve D...DATAVERSITY
With the explosive growth of DataOps to drive faster and more confident business decisions, proactively understanding the quality and health of your data is more important than ever. Data observability is an emerging discipline within data quality used to expose anomalies in data by continuously monitoring and testing data using artificial intelligence and machine learning to trigger alerts when issues are discovered.
Join Julie Skeen and Shalaish Koul from Precisely, to learn how data observability can be used as part of a DataOps strategy to improve data quality and reliability and to prevent data issues from wreaking havoc on your analytics and ensure that your organization can confidently rely on the data used for advanced analytics and business intelligence.
Topics you will hear addressed in this webinar:
Data observability – what is it and how it can complement your data quality strategy
Why now is the time to incorporate data observability into your DataOps strategy
How data observability helps prevent data issues from impacting downstream analytics
Examples of how data observability can be used to prevent real-world issues
Linking Data Governance to Business GoalsPrecisely
The importance of data to businesses has increased exponentially over recent years as companies seek benefits such as gains in efficiency, the ability to respond to growing privacy regulations scale quickly and increased and increase customer loyalty.
Despite being a vital part of any Data Transformation, Data Governance has sometimes been misrepresented as a restrictive and controlling process leaving governance leaders having to continually make the case for business buy-in.
In this on-demand webinar we will explore the concept of business-first Data Governance, an approach that promotes adoption by the organisation, lays the foundation for data integrity and consistently delivers business value in the long term.
Creating an Effective Roadmap for Your Cloud Journey (ENT225-R1) - AWS re:Inv...Amazon Web Services
The Cloud Journey Workshop is an experiential session that works through a representative use case of a company's cloud adoption journey. In this session, participants divide into teams, and each team makes practical recommendations for how to plan and execute their journey to the cloud so they can meet business expectations. By participating, you learn best practices on organization transformation, cloud foundations establishment, migration methodology, and application landscape optimization from AWS facilitators. You also have the opportunity to share tips with other AWS customers to make your cloud journey successful.
Government Technology & Services Coalition & InfraGard NCR's Program: Cyber Security: Securing the Federal Cyber Domain by Strengthening Public-Private Partnership
Presentation: Cybersecurity for Government Contractors
Presenter: Robert Nichols, Partner, Covington & Burling LLP
Why does DFARS exist?
Current requirements for companies with Controlled Unclassified Information (CUI) or DoD Covered Defense Information (CDI)
What is CMMC?
Dickstein Shapiro LLP and the Government Technology & Services Coalition (GTSC) held a webcast, “Key Cybersecurity Issues for Government Contractors” on Thursday, October 3, 2013. This interactive program, of particular interest to government contractor compliance officers, CIOs, CISOs, General Counsel, and any other C-suite members, discussed how the federal government is planning on fundamentally altering its acquisition policies to make the cybersecurity of its contractors a top priority. The discussion included:
- Proposed Federal Acquisitions Regulation (FAR) changes relating to President Obama’s Cybersecurity Executive Order;
- Planned changes to procurement requirements based on independent agency actions;
- Congressionally mandated cybersecurity requirements; and
Ways contractors can prepare for these changes.
To view the webinar, visit:
The new CMMC version 1 was published in January 2020. This presentation was provided to small businesses's that are part of the DoD supply chain. It helps to understand the requirements.
A Clear Path to NIST & CMMC Compliance - 2023 Cleveland Security Summit.pdfJack Nichelson
All DoD contractors are now be subject to CMMC 2.0 DFARS 252.204-7012 & 7019. This means, that any DoD suppliers looking to earn new business or up for a renewal will need to complete a new NIST 800-171 Self-Assessment and upload the results to the Supplier Performance Risk System (SPRS) before a contract is awarded. If you do business with the DPD, NASA, GSA or another state/federal agency, you need to be prepared for the CMMC framework. In this presentation, we discuss the potential impacts on your business, while introducing an affordable, practical and secure solution for contractors preparing for CMMC 2.0 certification.In addition to answering questions from attendees, this presentation will cover the following topics:• What You Need to Know About CMMC• CMMC 2.0 Proposed Changes• The Crawl – Walk – Run of CMMC• Preliminary Steps for CMMC Success• How to improve your NIST SP 800-171 Self-Assessment SPRS score
Cybersecurity for GovCons - DFARS 252.204-7012 Latest Updates and Last CallUnanet
In this webinar Unanet and H2L Solutions, a provider of cyber security and information assurance services, will be discussing the latest updates for the DFARS 7012 regulations and answering questions that anyone might have regarding the assessment and the NIST 800-171 controls. We will cover the key requirements, adequate security, reporting compliance, flow down, implementation experiences and and the impact the regulation is having.
Learn more at: https://www.unanet.com/news/demand-webinars
MYTHBUSTERS: Can You Secure Payments in the Cloud?Kurt Hagerman
Discussion of if and how you can secure payments in the cloud. Covers the issue, compliance considerations, regulatory changes and their impact, and provides a rationale for using a cloud to decouple your payments processes from your legacy infrastructure.
New York Cybersecurity Requirements for Financial Services CompaniesCitrin Cooperman
Is Your Strategy in Place to Meet the NYS DFS Regulation?
Understanding New York State’s required cybersecurity policies and procedures, how these new regulations apply to you, and what you need to do to become compliant can all be confusing and overwhelming. To help you through this process, Citrin Cooperman and Walker Wilcox Matousek, LLP hosted an informational webinar to walk you through the complexities of this new regulation.
Key questions that were answered, include:
What’s required under the new regulation?
Does this new regulation apply to you?
How will you comply with this new regulation?
What are the consequences of not complying?
Identify the cybersecurity requirements in your contracts (FAR, DFARS, and other clauses), define the basic cybersecurity requirements (14 categories of NIST 800-171) and learn the simple steps you can take to become compliant.
The Cybersecurity Maturity Model Certification (CMMC) continues to take shape, with the formation of the Accreditation Body (AB) and continued release of framework and contract guidance. The CMMC will be used as a unified standard for defense contractors to demonstrate cybersecurity program maturity and protection of CUI, and will ultimately require a third party assessment to achieve required certification. The DoD acknowledges that contractors of varying sizes struggle to maintain an appropriate cybersecurity posture and believes this new framework will help contractors implement effective cybersecurity controls tailored to the size and nature of their business and meet the DoD’s requirements.
In this webinar, Tom Tollerton, Managing Director of Cybersecurity & Privacy at DHG will discuss the latest developments around the framework, expectations in contracts in the coming months, and offer actionable recommendations for steps to prepare for potential requirements.
Download the presentation today or visit us at www.unanet.com.
Government Contracting - DFARS Part 252 - Clauses - Win Federal ContractsJSchaus & Associates
Please join Jennifer Schaus & Associates every Wednesday in 2021 for a complimentary Wednesday series. See the full recording on our YouTube Channel (coming soon). For more information about our federal contracting services please visit http://www.Jenniferschaus.com or contact us at 202-365-0598. Win more federal government contracts!
In January 2020, the Department of Defense released the initial version of Cybersecurity Maturity Model Certification (CMMC) standard. Certifications will begin for new and existing defense contractors this year. As you are preparing for the CMMC now by becoming NIST 800-171 compliant, it is critical to ensure you can continue bidding on RFPs. Any type of cybersecurity audit takes time and getting compliant to NIST 800-171 ahead of an audit is no different.
Whether your organization’s security and compliance are 80% of the way there, or you think your infrastructure needs a complete overhaul, get tips and insights to get you closer to compliance.
We Share:
- An overview of the compliance requirements,
- Tips for analyzing current cyber security measures and processes,
- How the Microsoft 365 Cloud helps ensure compliance
- Measures you can put in place to help you meet NIST 800-171 compliance
As a Texas-based defense prime or subcontractor, you’ve probably taken steps towards protecting your Controlled Unclassified Information (CUI), preparing for Cybersecurity Maturity Model Certification (CMMC), or even documenting your NIST 800-171 compliance.
But how can you ensure that those steps will prepare your business for a successful audit in light of the latest changes to the CMMC 2.0 release?
TMAC hosted an educational webinar together with Max Aulakh – CEO at Ignyte Platform, on April 5th, to discuss what changed in the CMMC 2.0 audit assurance process:
- What should SMBs be aware of in the process of preparing for the CMMC audit?
- How CMMC 2.0 changes impact your business?
- What parts of CMMC 1.0 can your business reuse to maintain your compliance efforts?
A Clear Path to NIST & CMMC Compliance - 2022 Summit.pptxJack Nichelson
Beginning in 2020, the DoD will use the Cybersecurity Maturity Model Certification (CMMC) to verify contractors of the Defense Industrial Base are operating with effective cyber hygiene. In order to bid on, maintain, and win future DoD contracts, all organizations will need to prove their required level of cyber maturity. If you do business with the DPD, NASA, GSA or another state/federal agency, you need to be prepared for the CMMC framework. In this presentation, we discuss the potential impacts on your business, while introducing an affordable, practical and secure solution for contractors preparing for CMMC certification.In addition to answering questions from attendees, this presentation will cover the following topics:• What You Need to Know About CMMC• CMMC 2.0 Proposed Changes• The Crawl – Walk – Run of CMMC• Preliminary Steps for CMMC Success• How to improve your NIST SP 800-171 Self-Assessment SPRS score
Similar to Arnold & Porter Cybersecurity Compliance and Enforcement for Federal Contractors (20)
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Join Jennifer Schaus & The Eastern Michigan APEX Accelerator as we discuss the very basics of federal marketing. This is a 101 class. Find the full recording on our website and YouTube Channel! https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Donate to charity during this holiday seasonSERUDS INDIA
For people who have money and are philanthropic, there are infinite opportunities to gift a needy person or child a Merry Christmas. Even if you are living on a shoestring budget, you will be surprised at how much you can do.
Donate Us
https://serudsindia.org/how-to-donate-to-charity-during-this-holiday-season/
#charityforchildren, #donateforchildren, #donateclothesforchildren, #donatebooksforchildren, #donatetoysforchildren, #sponsorforchildren, #sponsorclothesforchildren, #sponsorbooksforchildren, #sponsortoysforchildren, #seruds, #kurnool
Presentation by Jared Jageler, David Adler, Noelia Duchovny, and Evan Herrnstadt, analysts in CBO’s Microeconomic Studies and Health Analysis Divisions, at the Association of Environmental and Resource Economists Summer Conference.
Monitoring Health for the SDGs - Global Health Statistics 2024 - WHOChristina Parmionova
The 2024 World Health Statistics edition reviews more than 50 health-related indicators from the Sustainable Development Goals and WHO’s Thirteenth General Programme of Work. It also highlights the findings from the Global health estimates 2021, notably the impact of the COVID-19 pandemic on life expectancy and healthy life expectancy.
This session provides a comprehensive overview of the latest updates to the Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (commonly known as the Uniform Guidance) outlined in the 2 CFR 200.
With a focus on the 2024 revisions issued by the Office of Management and Budget (OMB), participants will gain insight into the key changes affecting federal grant recipients. The session will delve into critical regulatory updates, providing attendees with the knowledge and tools necessary to navigate and comply with the evolving landscape of federal grant management.
Learning Objectives:
- Understand the rationale behind the 2024 updates to the Uniform Guidance outlined in 2 CFR 200, and their implications for federal grant recipients.
- Identify the key changes and revisions introduced by the Office of Management and Budget (OMB) in the 2024 edition of 2 CFR 200.
- Gain proficiency in applying the updated regulations to ensure compliance with federal grant requirements and avoid potential audit findings.
- Develop strategies for effectively implementing the new guidelines within the grant management processes of their respective organizations, fostering efficiency and accountability in federal grant administration.
Preliminary findings _OECD field visits to ten regions in the TSI EU mining r...OECDregions
Preliminary findings from OECD field visits for the project: Enhancing EU Mining Regional Ecosystems to Support the Green Transition and Secure Mineral Raw Materials Supply.
ZGB - The Role of Generative AI in Government transformation.pdfSaeed Al Dhaheri
This keynote was presented during the the 7th edition of the UAE Hackathon 2024. It highlights the role of AI and Generative AI in addressing government transformation to achieve zero government bureaucracy
Transit-Oriented Development Study Working Group Meeting
Arnold & Porter Cybersecurity Compliance and Enforcement for Federal Contractors
1. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
Cybersecurity Compliance &
Enforcement for Federal Contractors
Friday, September 30, 2022
12pm EST
2. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
About Jschaus & Associates:
Ø Washington DC based
Ø Consulting firm working with established Federal Contractors;
Ø Webinars, Events, Conferences;
Ø Newsletter – reaching 23K Federal Contractors;
Ø 500+ Webinars on YouTube;
Ø Advertising & Sponsor Opportunities
3. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
About Arnold & Porter:
Ø Top-ranked Government Contracts practice
Ø Represent the entire spectrum of domestic and international government
contractors: start-ups, Fortune 100 companies, and non-profits
Ø Help address the increasingly complex cyber issues confronting
commercial businesses, government contractors, and the special concerns
associated with work for DoD and intelligence agencies
5. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
Sonia Tabriz
sonia.tabriz@arnoldporter.com
202.942.6574
6. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
Tom Pettit
thomas.pettit@arnoldporter.com
202.942.6075
7. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
Agenda
• Cybersecurity Requirements
• CMMC Overview and Updates
• Enforcement
7
9. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
FAR 52.204-21, Basic Safeguarding of Covered Contractor Information
Systems
• Applies to any information system “owned or operated by a contractor that processes,
stores, or transmits” “federal contract information” (FCI)
• FCI is any information “not intended for public release” obtained from or developed for the
Government in the performance of a contract
• Establishes baseline security standards, such as:
• Identifying users, processes, and devices (e.g., personal identity verification (PIV))
• Limiting access to information systems to only authorized users, processes, and devices (e.g., mandating passwords,
managing group policies, and maintaining the Windows Registry)
• Installing and updating antivirus software and other protections against malicious code; scanning for malware
• Regulating physical access to information systems and facilities
9
10. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
DFARS 252.204-7012, Safeguarding Covered Defense Information and
Cyber Incident Reporting
• Applies to DoD contractors with information systems that will store, process, or transmit controlled
unclassified information (CUI) collected, developed, received, transmitted, used, or stored by or on
behalf of the contractors in support of the performance of the contract
• Two key elements: security controls and cyber incident reporting
• Security Controls
• Implement security controls in NIST SP 800-171
• Document security controls in system security plan
• Develop plan of action for any controls not implemented
10
11. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
DFARS 252.204-7012, Safeguarding Covered Defense Information and
Cyber Incident Reporting
• Security Controls
• NIST SP 800-171 compliance is generally a self-assessment system with a few caveats:
• System security plans and plans of action can be (but typically are not) formal contract deliverables
• Contractor must submit requests to vary from NIST SP 800-171 to the contracting officer for review by the DoD
CIO
• DIBCAC Assessments, DFARS 252.204-7019, and DFARS 252.204-7020
• Cloud Services
• CSPs must meet security requirements equivalent to the Federal Risk and Authorization Management Program
(FedRAMP) Moderate baseline
11
12. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
DFARS 252.204-7012, Safeguarding Covered Defense Information and
Cyber Incident Reporting
• Cyber Incident Reporting
• Cyber Incident: Actions taken through the use of computer networks that result in a compromise
or an actual or potentially adverse effect on an information system and/or the information
residing therein
• Compromise: Disclosure of information to unauthorized persons or a violation of the security policy
of a system and unauthorized intentional or unintentional disclosure, modification, destruction, or
loss of an object or the copying of information to unauthorized media may have occurred
• Adverse Effect: Not defined, but it could include, among other things, exfiltration, malware, DDoS
attack, ransomware attack
• Conduct a review, including assessing scope of cyber incident and impact on covered defense
information as well as ability to provide operationally critical support
• Must “rapidly” report cyber incidents through DIBNet
12
13. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
DFARS 252.204-7012, Safeguarding Covered Defense Information and
Cyber Incident Reporting
• Cyber Incident Reporting
• Submit malicious software to the DoD Cyber Crime Center
• Preserve information (images of information systems and monitoring/packet capture data) for at
least 90 days after reporting cyber incident
• DoD has right to perform forensic analysis and damage assessment, and contractor must
cooperate
• Subcontract flow down
13
14. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
DFARS 252.204-7019 & -7020, NIST SP 800-171 Assessments
• Apply to all solicitations and contracts that exceed the micro-purchase threshold and are not
exclusively for the acquisition of commercially available off-the-shelf (COTS) items
• Four Components:
• Weighted Score
• 110-point, weighted scoring system that measures the extent to which an offeror or contractor has implemented
the NIST SP 800-171 security controls.
• Standardized scoring methodology that assigns greater points to requirements that have greater impact on the
security of the network and its data than others.
• Confidence Levels
• Basic Assessment/Low Confidence: Self-assessment and self-generated score
• Medium Assessment/Confidence: DoD reviews Basic Assessment and associated documentation and discusses
any concerns with the contractor
• High Assessment/Confidence: Medium Assessment + verification, examination, and demonstration of SSP
14
15. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
DFARS 252.204-7019 & -7020, NIST SP 800-171 Assessments
• Four Components:
• Rebuttal and Adjudication: Contractor may, within 14 days, dispute any aspect of a DoD assessment
• Reporting: Contractor must enter data into the Supplier Performance Risk System (summary level score,
type of assessment, description of the SSP architecture, assessment date, and date when contractor will
achieve perfect score)
• American Fuel Cell & Coated Fabrics Co., B-420551, B-420551.2, June 2, 2022, 2022 CPD ¶ 139
15
17. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
Why CMMC?
• DFARS 252.204-7012 relies on contractor self-assessments
• There is no mandatory government oversight
• DoD concluded that the “Scout’s Honor” system was ineffective
• A 2018 National Defense Industrial Association (NDIA) survey revealed that 36% of contractors who responded were
not aware of DFARS 252.204-7012, and 45% of the respondents admitted that they had never read NIST SP 800-171
• A 2019 NDIA survey revealed that only 56% of defense contractors were prepared for a DCMA assessment of NIST SP
800-171 compliance
17
18. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
CMMC Overview and Updates
• DoD determined that more must be done to harden the DIB's and defense supply chain's
cyber infrastructure
• Verification is not required
• Industry surveys have indicated that many contractors are noncompliant
• Cyber incidents have increased
• CMMC 1.0
• Released in January 2020
• Five maturity levels (two transitional) and would have to be certified to be eligible for contracts
incorporating CMMC requirements
18
19. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
CMMC Overview and Updates
• CMMC 2.0
• “Announced” in November 2021
• Streamlined requirements
• CMMC-unique security practices removed
• New iteration will have three maturity levels instead of five (CMMC 1.0 Levels 2 and 3 removed)
• Level 1: Security controls for FCI
• Level 2: 110 NIST SP 800-171 security controls for CUI
• Level 3: 110 NIST SP 800-171 security controls for CUI, plus some subset of NIST SP 800-172
• Plans of action generally not allowed, with exceptions only for minor noncompliance
19
20. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
CMMC Overview and Updates
• Assessments
• Level 1 is achieved through a self assessment and attestation of compliance
• Level 2 generally requires third-party assessments through accredited CMMC Third Party
Assessment Organizations (C3PAOs), but self-assessments are permitted if contract
requirements do not involve information critical to national security
• Level 3 must be assessed by USG officials
• Interim rule is expected around March 2023, and CMMC may be incorporated into
solicitations and RFIs shortly thereafter
20
22. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
Contract-Based Remedies
• In June 2022, DoD issued a memorandum reminding Contracting Officers of available contract-based
remedies for noncompliance with DFARS 252.204-7012 and the corresponding NIST SP 800-171 requirements
22
23. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
Civil Cyber-Fraud Initiative
• In October 2021, the Department of Justice (DoJ) announced a new Civil Cyber-Fraud Initiative that leverages
the False Claims Act (FCA) to combat cyber threats
• Deputy Attorney General Lisa O. Monaco stated:
• “For too long, companies have chosen silence under the mistaken belief that it is less risky to hide a breach than to
bring it forward and to report it. Well that changes today. We are announcing today that we will use our civil
enforcement tools to pursue companies, those who are government contractors who receive federal funds, when
they fail to follow required cybersecurity standards — because we know that puts all of us at risk. This is a tool that
we have to ensure that taxpayer dollars are used appropriately and guard the public fisc and public trust.”
• In a recent Comprehensive Cyber Review report, DOJ confirmed that it plans to “lead the effort to enforce
cybersecurity requirements on federal contractors and grantees” and further announced its desire to
participate in developing those requirements
23
24. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
Civil Cyber-Fraud Initiative
• DoJ has identified the following benefits of the Civil Cyber-Fraud Initiative:
• Building broad resiliency against cybersecurity intrusions across the government, the public sector and key industry
partners
• Holding contractors and grantees to their commitments to protect government information and infrastructure
• Supporting government experts’ efforts to timely identify, create and publicize patches for vulnerabilities in
commonly-used information technology products and services
• Ensuring that companies that follow the rules and invest in meeting cybersecurity requirements are not at a
competitive disadvantage
• Reimbursing the government and the taxpayers for the losses incurred when companies fail to satisfy their
cybersecurity obligations
• Improving overall cybersecurity practices that will benefit the government, private users and the American public
24
25. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
Civil Cyber-Fraud Initiative
• DoJ has stated that the following types of contracts will be the focus of its enforcement efforts:
• Software and hardware procurement
• Developing, implementing or maintaining IT systems owned by the federal government
• Use of the contractor’s IT systems, especially if the systems maintain government data
• Cloud services
• Contracts that incorporate a regulatory, statutory or contractual requirement to monitor and report a cyber
breach or incident
• DoJ has also stated that it expects qui tam relators to play a significant role in implementing the
Civil Cyber-Fraud Initiative
• DoJ has already announced results of its enforcement efforts
25
26. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
Other Potential Risks
• Bid protest litigation
• Subcontract flow down negotiations and disputes
• Suspension and debarment
26
27. Federal Government Contracting
CYBERSECURITY REQUIREMENTS
hello@JenniferSchaus.com
Cybersecurity Compliance & Enforcement for Federal Contractors
QUESTIONS?
Please Contact Our Speakers:
Sonia Tabriz
sonia.tabriz@arnoldporter.com
202.942.6574
Tom Pettit
thomas.pettit@arnoldporter.com
202.942.6574
27