nasa isslob t2t it security role based training
play

NASA ISSLOB T2T IT Security Role-Based Training March 15, 2011 - PowerPoint PPT Presentation

Mar 07, 2023 •430 likes •559 views

National Aeronautics and Space Administration NASA ISSLOB T2T IT Security Role-Based Training March 15, 2011 Gretchen Morris www.nasa.gov 1 National Aeronautics and Space Administration Topics to Cover Accomplishments Offerings

  1. National Aeronautics and Space Administration NASA ISSLOB T2T IT Security Role-Based Training March 15, 2011 Gretchen Morris www.nasa.gov 1

  2. National Aeronautics and Space Administration Topics to Cover • Accomplishments • Offerings • Lessons learned • Next steps www.nasa.gov 2

  3. National Aeronautics and Space Administration Criteria for Course Development • Roles defined by Role-Based IT Security Training Matrices in NIST SP 800-16 – NIST 800-16 documents 46 modular components which can build a role – Modules in each course can be re-used for other roles – 800-16 has recommendations which modules could be used to build a role – ITSATC has completed 39 beginning and 23 intermediate modules • NASA-specific courses include info, such as: – Processes – NASA-specific titles • ISSLOB T2T Requirements – 508-compliant – Shared Content Object Reference Model (SCORM) compliant – Learning Management System (LMS) compatible (i.e., tracking requirements) – Operable in a Federal Desktop Core Configuration (FDCC) environment www.nasa.gov 3

  4. National Aeronautics and Space Administration NIST 800-16 Template Template Template A B C D E F G Training Areas Manage Acquire Design & Implement & Review & Use Other Develop Operate Evaluate 1 Laws & Regulations 1A 1B 1C 1D 1E 1F 2 Security Program 2.1 Planning 2.1A 2.1B 2.1C 2.1D 2.1E 2.2 Management 2.2A 2.2B 2.2C 2.2D 2.2E 3 System Life Cycle Security 3.1 Initiation 3.1A 3.1B 3.1C 3.1E 3.1F 3.2 Development 3.2A 3.2B 3.2C 3.2D 3.2E 3.2F 3.3 Test & Evaluation 3.3C 3.3D 3.3E 3.3F 3.4 Implementation 3.4A 3.4B 3.4C 3.4D 3.4E 3.4F 3.5 Operations 3.5A 3.5B 3.5C 3.5D 3.5E 3.5F 3.6 Termination 3.6A 3.6D 3.6E 4 Other www.nasa.gov 4

  5. National Aeronautics and Space Administration NASA T2T Role-Based Offerings • Roles with NASA Specific Information Removed – System Administrators – Chief Information Officers • Roles with NASA-specific content – Certification Agents & Authorizing Officials (CA&AO) – Chief Information Officers – Chief Information Officers – Intermediate – Organizational Computer Security Officials – System Administrators – Beginning – System Administrators – Intermediate – System Owners www.nasa.gov 5

  6. National Aeronautics and Space Administration Other Courses Included • IT System Security Plan Development • Risk Management • Basic ISSA – Information System Security Authorization – Was Certification & Accreditation www.nasa.gov 6

  7. National Aeronautics and Space Administration Process to get Materials • E-Mail ITSATC@lists.nasa.gov • Include – Name – Agency – Mailing address – Email address – Number of copies requested www.nasa.gov 7

  8. National Aeronautics and Space Administration Rules for Use • Provide Credit to NASA • Materials may be modified with Agency specifics to meet specific needs • Provide feedback to NASA ITSATC via the “Evaluation of NASA Provided Training” form that is included on the CD • The NASA ITSATC does not have the resources to reprogram the courses, but will assist as resources allow • Follow instructions in CD Read Me file to open the courses • Email the ITSATC (ITSATC@lists.nasa.gov) if you have any questions www.nasa.gov 8

  9. National Aeronautics and Space Administration Who have we shared the materials with? • Department of Education • FBI • Department of Interior • HUD • Census Bureau • ATF • OSHA • NIH • DHS • NRC • EPA • Department of Commerce • Department of Labor • GAO • OPM • HHS • State Department • Library of Congress • NIST • FDIC • DoD • IRS • NDIC • Canadian Government • Global Learning Systems • DOJ www.nasa.gov 9

  10. National Aeronautics and Space Administration Distribution Method • Mail on CD – CD includes all course materials and an evaluation form – Provided at no charge – NASA answers questions on the content, but is not responsible for modifying the content or programming to make it operational in a Federal LMS • Reasons for not using web – Desire to know and document distribution – Resources www.nasa.gov 10

  11. National Aeronautics and Space Administration Next Steps • Courses – Currently under development • Working to update and populate the matrix in NIST 800-16 – Using Draft Version 2 where possible – Beginning Level • From this, any role’s course can be quickly compiled • Social Networking – Under consideration • Making materials available module-by-module so that they can more easily be adapted • NIST 800-16 – Intermediate Level • Follow up with Distribution – Revise courses based on feedback www.nasa.gov 11

  12. National Aeronautics and Space Administration Contact Information • NASA IT Security Awareness & Training Center (ITSATC) – ITSATC@lists.nasa.gov • Richard Kurak – Program Manager, NASA ITSATC – 216-433-8256 – Richard.S.Kurak@nasa.gov www.nasa.gov 12

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

DoD Shared Service Center for ISS LOB Tier I Security Awareness Training a and Tier II Role

DoD Shared Service Center for ISS LOB Tier I Security Awareness Training a and Tier II Role

DoD Shared Service Center for ISS LOB Tier I Security Awareness Training a and Tier II Role Based Training UNCLASSIFIED DoD ISSLOB Annual Awareness Training FY11 product in use (DoD, Federal, IC) FY12 product funded Customer

140 views • 12 slides
Gretchen Ann Morris, CISSP DB Consulting Group NASA IT Security Awareness and Training Center

Gretchen Ann Morris, CISSP DB Consulting Group NASA IT Security Awareness and Training Center

Gretchen Ann Morris, CISSP DB Consulting Group NASA IT Security Awareness and Training Center Objectives for this session Review our role-based course development process Learn how to personalize our role-based courses for your agency

318 views • 12 slides
U.S. DEPARTMENT OF STATE JSAS Cyber Security IT Security Awareness training consistent with NIST

U.S. DEPARTMENT OF STATE JSAS Cyber Security IT Security Awareness training consistent with NIST

ISSLOB SSC CYBERSECURITY AWARENESS U.S. DEPARTMENT OF STATE JSAS Cyber Security IT Security Awareness training consistent with NIST SP 800-50 A proven, reliable solution that verifies retention of material and concepts A well

344 views • 17 slides
Training Competency Assurance - Team Based Ralph Benham Maersk Training, Inc. History NASA

Training Competency Assurance - Team Based Ralph Benham Maersk Training, Inc. History NASA

DYNAMIC POSITIONING CONFERENCE OCTOBER 911, 2017 TRAINING/COMPETENCY Training Competency Assurance - Team Based Ralph Benham Maersk Training, Inc. History NASA study in 1979 Resource Management on the Flight Deck Human Factors

695 views • 15 slides
NIST Role-based Training Guideline: SP 800-16, Rev. 1 Mark Wilson, CISSP Computer Security

NIST Role-based Training Guideline: SP 800-16, Rev. 1 Mark Wilson, CISSP Computer Security

NIST Role-based Training Guideline: SP 800-16, Rev. 1 Mark Wilson, CISSP Computer Security Division National Institute of Standards and Technology - March 23, 2010 - mark.wilson@nist.gov (301) 975-3870 (voice) http://csrc.nist.gov/

92 views • 8 slides
SP 800-16 Rev 1 (3 rd Draft) A Role-Based Model for Federal Information Technology/Cyber Security

SP 800-16 Rev 1 (3 rd Draft) A Role-Based Model for Federal Information Technology/Cyber Security

SP 800-16 Rev 1 (3 rd Draft) A Role-Based Model for Federal Information Technology/Cyber Security Training FISSEA Conference March 19, 2014 Pat Toth Penny Klein Computer Security Division Systegra Information Technology Laboratory NATIONAL

750 views • 40 slides
The Role of MPPs at NASA and the Aerospace Industry Manny Salas May 22, 1997 Talk Outline

The Role of MPPs at NASA and the Aerospace Industry Manny Salas May 22, 1997 Talk Outline

The Role of MPPs at NASA and the Aerospace Industry Manny Salas May 22, 1997 Talk Outline NASA Aeronautics Computational Resources NASA Utilization & Availability Metrics NASA Aeronautics Parallel Software Aerospace

626 views • 47 slides
NASA Engineering Database NASA Engineering Database (NED) (NED) Prototype Prototype Stephen

NASA Engineering Database NASA Engineering Database (NED) (NED) Prototype Prototype Stephen

NASA Engineering Database NASA Engineering Database (NED) (NED) Prototype Prototype Stephen C. Waterbury NASA/Goddard Space Flight Center December, 2000 Model Interaction and Transformation Security, Services: Auth., Thin Expresso

440 views • 4 slides
UCP UK Security Training like no other CLOSE PROTECTION TRAINING At its very best UCP ARE

UCP UK Security Training like no other CLOSE PROTECTION TRAINING At its very best UCP ARE

UCP UK Security Training like no other CLOSE PROTECTION TRAINING At its very best UCP ARE APPROVED, INSURED AND ASSURED TO DELIVER THE UK SIA LICENSED TRAINING DONT CHOOSE A PROVIDER THAT IS NOT QUALIFIED TACTICAL FIREARMS TRAINING

684 views • 36 slides
Constraints in Role-Based Access Control Jason Crampton Information Security Group, Royal

Constraints in Role-Based Access Control Jason Crampton Information Security Group, Royal

Constraints in Role-Based Access Control Jason Crampton Information Security Group, Royal Holloway University of London jason.crampton@rhul.ac.uk www.isg.rhul.ac.uk/~jason Outline Introduction Separation of duty Role-based

482 views • 14 slides
Role-based access control Role-based access control 1 RBAC: Motivations Complexity of

Role-based access control Role-based access control 1 RBAC: Motivations Complexity of

Role-based access control Role-based access control 1 RBAC: Motivations Complexity of security administration p y y For large number of subjects and objects, the number of authorizations can become extremely large For dynamic

536 views • 51 slides
WORKING IN PARTNERSHIP WITH A SPECIALIST TRAINING PROVIDER - WHAT IS THE ROLE OF FURTHER

WORKING IN PARTNERSHIP WITH A SPECIALIST TRAINING PROVIDER - WHAT IS THE ROLE OF FURTHER

WORKING IN PARTNERSHIP WITH A SPECIALIST TRAINING PROVIDER - WHAT IS THE ROLE OF FURTHER EDUCATION? NFEC National Conference, Leicester November 2013 Introducing The Medical Room UK based company, Incorporated 2007 Preferred suppliers to

385 views • 21 slides
Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Module 7 Intrusion Detection Topics Fundamentals Network IDS Snort Host-based IDS

1.03k views • 72 slides
New-school Security Awareness Training Greg Kras CISSP Chief Product Officer About Us Over

New-school Security Awareness Training Greg Kras CISSP Chief Product Officer About Us Over

New-school Security Awareness Training Greg Kras CISSP Chief Product Officer About Us Over 27,000 The worlds largest integrated Security Awareness Training and Simulated Phishing platform Based in Tampa Bay, Florida, founded in

609 views • 5 slides
Institute for Cyber Security A Framework for Risk-Aware Role Based Access Control Khalid Zaman

Institute for Cyber Security A Framework for Risk-Aware Role Based Access Control Khalid Zaman

Institute for Cyber Security A Framework for Risk-Aware Role Based Access Control Khalid Zaman Bijon, Ram Krishnan and Ravi Sandhu Institute for Cyber Security University of Texas at San Antonio October 16, 2013 SafeConfig 2013: IEEE 6th

227 views • 18 slides
Effective Security for the Post-compliance Era Security Awareness and Training for Security

Effective Security for the Post-compliance Era Security Awareness and Training for Security

Effective Security for the Post-compliance Era Security Awareness and Training for Security Specialists M. ANGELA SASSE, RUHR UNIVERSITY BOCHUM & UCL The problem MENSCHLICH WELTOFFEN LEISTUNGSSTARK 2 ENISA Report December 2018

362 views • 33 slides
RADAR OBSERVATION OF INTENSE RAIN EVENTS DURING THE BOLLENE 2002 EXPERIMENT John Nicol 1 , Guy

RADAR OBSERVATION OF INTENSE RAIN EVENTS DURING THE BOLLENE 2002 EXPERIMENT John Nicol 1 , Guy

Sixth International Symposium on Hydrological Applications of Weather Radar RADAR OBSERVATION OF INTENSE RAIN EVENTS DURING THE BOLLENE 2002 EXPERIMENT John Nicol 1 , Guy Delrieu 1 , Dominique Faure 2 and Pierre Tabary 3 1 L.T.H.E., Grenoble,

335 views • 8 slides
Service Management of Catering Organisation Students Name Institution Outline 1. Brief

Service Management of Catering Organisation Students Name Institution Outline 1. Brief

Service Management of Catering Organisation Students Name Institution Outline 1. Brief overview of catering service organization 2. The key elements of organizations servicescape 3. Assessment of the elements and their contribution to :

526 views • 18 slides
Proposed Housing Development, Former Berryfield Works, East Stirling Street Proposed Housing

Proposed Housing Development, Former Berryfield Works, East Stirling Street Proposed Housing

Proposed Housing Development, Former Berryfield Works, East Stirling Street Proposed Housing Development, Former Berryfield Works, East Stirling Street CONSULTATION INTRODUCTION DEVELOPMENT AIMS Site Site Locaon Aerial View This

152 views • 3 slides
Video Conference ACTIVITY REPORT 2011 MOHAMAD ZAHIR AHMAD INFORMATION TECHNOLOGY DEPARTMENT

Video Conference ACTIVITY REPORT 2011 MOHAMAD ZAHIR AHMAD INFORMATION TECHNOLOGY DEPARTMENT

Video Conference ACTIVITY REPORT 2011 MOHAMAD ZAHIR AHMAD INFORMATION TECHNOLOGY DEPARTMENT UNIVERSITY OF MALAYA MEDICAL CENTER (UMMC) 17 DECEMBER 2011 Introduction to UMMC Video Conferencing History in UMMC Video Conferencing

385 views • 10 slides
Passive Gas System Design PRESENTED BY BRYAN WELDON P.E. Passive System Overview 01 Passive

Passive Gas System Design PRESENTED BY BRYAN WELDON P.E. Passive System Overview 01 Passive

Passive Gas System Design PRESENTED BY BRYAN WELDON P.E. Passive System Overview 01 Passive Components 02 Integrating and Upgrading 03 Questions 04 2 Passive System Overview ___ 3 Passive Gas System ___ 4 Passive Gas System Usually

332 views • 12 slides
Environmental Risk Management of Industrial Chemicals Background Reforms relating to industrial

Environmental Risk Management of Industrial Chemicals Background Reforms relating to industrial

Environmental Risk Management of Industrial Chemicals Background Reforms relating to industrial chemicals In scope Council of Australian Governments (COAG) Chemical Reforms to establish a National Standard for Environmental Risk

679 views • 22 slides
PAVING & RESTRIPING INFORMATION VDOT Paving Program Overview NOVA DISTRICT PAVEMENT

PAVING & RESTRIPING INFORMATION VDOT Paving Program Overview NOVA DISTRICT PAVEMENT

LEE DISTRICT 2020 PAVING & RESTRIPING INFORMATION VDOT Paving Program Overview NOVA DISTRICT PAVEMENT CONDITION RATINGS 2019 2019 Dashboard Pavement Condition Status Pavement Condition 100 2019 Pavement Condition 90 System Percent

458 views • 19 slides
Coordinators Jan Noga Meg Hargreaves SETIG Leadership Jan Noga Erin Watson Ginger Fitzhugh Day

Coordinators Jan Noga Meg Hargreaves SETIG Leadership Jan Noga Erin Watson Ginger Fitzhugh Day

Bethany Laursen Kylie Hutchinson Coordinators Jan Noga Meg Hargreaves SETIG Leadership Jan Noga Erin Watson Ginger Fitzhugh Day 1 Day 2 Day 3 Registration was much higher than attendance. Possibly because it was free. Registered Registered

646 views • 28 slides

More recommend