Cyber Security Committee

The Cyber Security Committee is responsible for working with the Defense Department in establishing industry-wide near-term and long-range cyber security planning and policy to meet information protection requirements. Comprised of industry cyber security executives, CIOs, and at times technical analysts, the Cyber Security Committee looks to the future to assist in developing policies and plans to thwart future threats.

AIA contact:  Jason Timm, Assistant Vice President, National Security Policy

Items of Interest

 

Industry Resources

1)  2017 AIA Member Survey:  Cybersecurity Survey Results

2)  NIST Compliance Presentation:  Compliance through Development Security Operations (DevSecOps)

3)  Sep 2017 SMC Presentation:  DFARS How-To (Exostar and Accenture)

4)  FAR to DFARS:  Categorization of NIST SP 800-171 R1 Controls

5)  DFARS 101:  Cybersecurity in Business Language (Update Pending)

6)  AIA National Aerospace Standard (NAS) 9933:  Overview

7)  AIA National Aerospace Standard (NAS) 9933:  Link to AIA Standards Store

8)  DIB SCC Cyber AssistWebsite

9)  Project Spectrum:  Website 

10) Cybersecurity Maturity Model Certification:  Accreditation Body (AB)

 

Federal Government Resources

1)  Cybersecurity Maturity Model Certification (CMMC)

2)  DOD DIB Cybersecurity Program

3)  DOD Procurement Toolbox

4)  6 Nov 2018 – FINAL Guidance Memo

3a)  DoD Guidance for Reviewing System Security Plans and the NIST SP 800-171 Security Requirements Not Yet Implemented

3b)  Guidance for Assessing Compliance of and Enhancing Protections for a Contractor’s Internal Unclassified Information System

5)  DFARS: Final Rule:  Network Penetration Reporting and Contracting for Cloud Services

6)  DFARS: Final Rule:  Frequently Asked Questions (FAQs) (Update Pending)

7)  DFARS: Contract Clause:  Safeguarding CDI and Cyber Incident Reporting

8)  23 June 2017 DFARS CUI/CDI Industry Information Day:  Slides  / Video

9)  NARA:  Controlled Unclassified Information (CUI) Registry

10)  NIST:  Consult with your local NIST Manufacturing Extension Partnership (MEP) Center

11)  NIST:  Cybersecurity Standard:  NIST SP 800-171 R1

12)  NIST:  Cybersecurity Standard Assessment Guide:  NIST SP 800-171A

 

Tools and Templates

1)  DHS:  Cybersecurity Evaluation Tool

2)  NIST SSP Standard:  NIST SP 800-18 (Sample SSP template at Appendix A)

3)  NIST CUI Templates:  SSP / Plan of Action (POA&M)

4)  Complainceforge.com:  SSP Template

5)  Federal Risk and Authorization Management Program (FedRamp)

a)  Moderate Baseline SSP Template 

b)  Other SSP Templates and more

6)  Plan of Action and Milstones:  Simple Excel POA&M Template

Sectors with this issue