
Who should attend:

This course is designed for professionals of all levels with a basic government contract understanding from the following areas:

    • Contract Administrators

    • Contract Managers, Directors

    • IT Professionals with contract oversight

    • Federal, State, Local Government Procurement/Acquisition professionals

    • Non-Profit and Grants professionals

What you will learn:

The federal government is increasing its investment in and reliance on advanced information technology (IT) infrastructures to support its missions across all departments. An effective cybersecurity regime is core to successfully implementing and completing all government programs. Designed for contractors and agencies, our Cybercontracting Workshop delves into the body of regulations governing information management and explores how they guide acquisition planning and administration.

This workshop will help attendees learn how to stay on top of all the requirements and maintain compliance, how to prepare and submit an IT security plan and what comprises a sound information security plan. In addition, attendees will learn how to prepare an RFP with cybersecurity requirements and how to respond to such a proposal.

The four main elements of the program are explained below:

    1. The Basics: A comprehensive overview and update for contract practitioners. Regulatory Overview, the Statutes, Regulations, and Standards. FISMA, Privacy Act, FAR/DFARS, FedRAMP, NIST.


    2. A Synthesis: What contractors and agencies must know and how to keep current. Cybersecurity Regimes and Common Elements Across the Full Spectrum of Agency Requirements and Rules, Classified and Unclassified.


    3. Contracting Implications: A practical examination, explanation, and analysis on how the rules apply. From Acquisition Planning and Source Selection through Bidding, Proposals, Protests and Challenges, Performance, Changes, Claims and Costs, to Contract Completion – the Impact of Cybersecurity Rules and Regulations on Contracting throughout the Contracting Cycle.


    4. Compliance: How Contractors and Agencies can protect themselves and their organizations through informed practices and procedures. How Contractors and Agencies Comply with the Rules and Stay On Top of the Requirements in the Dynamic, Changing World of Cybersecurity Contracting. Audits, Checklists, Risk Assessment models, Incident Reporting, and Remedial Action. IT Security Plans, and the Key Elements of a Sound Information Security Program.

Materials include:

    • Course Manual

Dates and Locations
April 25-26, 2017
PricewaterhouseCoopers, LLP
Washington, DC
$1275
DAILY SCHEDULE
Day 1
9:00 AM - 4:00 PM
 
Day 2
9:00 AM - 12:00 PM

A CYBER PANORAMA - MAJOR FACTORS DRIVING CYBERSECURITY

Cyber Threats for the Public & Private Sectors

National Security & Public Safety Threats

Digital Pearl Harbor (e.g., DoD Secretary’s warning)
Critical infrastructure threats

Personal Data & Individual Threats

Half-billion personal records compromised
Major public & private sector data breaches

Intellectual Property & Economic Threats

$1 trillion global losses
Systematic cyber looting (e.g., DNI report)

The Information Technology Kingdom

Federal Sector & Information Security

Federal sector as largest information entity in world
Types of high-value data in federal sector
-- National security
-- Sensitive personal & healthcare data
-- High-value technology & trade secrets

Private Sector & Information Technology

85% of critical infrastructure in private sector
Information technology sector as critical infrastructure
$1 trillion IT sector

Public Policies Competing with Information Security

Information Sharing vs. Security

“Connecting the data” as essential to security
Security risks due to information sharing (e.g., WikiLeaks)

Transparency and Disclosure vs. Security

Federal requirements for transparency & disclosure
-- FOIA
-- eGov Act

Competing federal policies between confidentiality & transparency

Privacy vs. Information Security

Privacy & information security as complementary policies
Security requirements competing against privacy
-- Personnel screening
-- Internet surveillance (e.g., Einstein project)

THE STATUTORY AND REGULATORY FRAMEWORK FOR INFORMATION SECURITY

Basic Federal Information Security Laws & Rules

Federal Information Security Management Act (FISMA)

Fundamental requirements
Applicability to federal agencies & contractors
FISMA interpretation & implementation
-- Executive policy
-- Congressional oversight
-- Judicial interpretation

Federal Acquisition Regulation

Applicability to government contractors
Incorporation of OMB and NIST standards

OMB & NIST Standards

Key OMB guidance
NIST & FIPS standards
Mandatory vs. voluntary standards

Agency Regulations Implementing Cybersecurity

GSA Information Security Regulations
-- Regulatory requirements
-- GSA implementation
-- Sample RFP clauses

DoD Information Assurance Rules

DFARS regulatory requirements
DIACAP security implementation
DoD proposed rules for information assurance
Sample RFP clauses

DHS Information Security

Regulatory requirements
DHS implementation
Sample RFP clauses

DOE Information Security

Regulatory requirements
DOE implementation
Sample RFP clauses

VA Information Security

Regulatory requirements
VA implementation
Sample RFP clauses

HHS Information Security

Regulatory requirements
HHS implementation
Sample RFP clauses

Cloud Computing and Information Security

Executive Policy on Cloud Computing
-- Factors driving cloud computing
-- Implementation & initiatives

FedRAMP Program
-- Purpose
-- Move towards federal uniformity

Cloud Security and Key Issues
-- Security risks & benefits
-- Key security initiatives

Privacy Laws and Information Security

Overview
-- Patchwork privacy laws in U.S.
-- Information security as essential to privacy

Privacy Act
-- Fundamentals of Privacy Act
-- Civil & criminal remedies as factor in security breaches

HIPAA and Healthcare Privacy
-- Fundamentals of HIPAA
-- HIPAA requirements & information security

State Security Breach Laws
-- Overview of state provisions & requirements
-- Duties for security programs & safeguards

SEC Enforcement of Information Security

SEC Guidance on Material Risks & Information Security
-- Expanding the information security net
-- Implications for publicly traded companies

Key Factors for Information Security
-- Security breach incidents & disclosure
-- Internal safeguards & assessment
-- Major cyber risks & reporting

KEY ELEMENTS FOR A SOUND INFORMATION SECURITY PROGRAM

Establishing Security Objectives

Integrity

Confidentiality

Availability

Identifying Security Needs

Requirements Identification

Risk Assessment

Initial risk assessment
Periodic risk assessment

Cost-Effectiveness Assessment

Appropriate Level of Security

Levels of security
Multiple factors in determining security levels

Life-Cycle Security

Implementing a Security Program

Policies and Procedures

FISMA requirements
Other requirements

Security Controls

Management controls
Operational controls
Technical controls

Continuous Monitoring

Configuration management & control processes
Security impact analyses
Assessment of security controls
Security status reporting

Configuration Control

Continuity of Operations

Ensuring Compliance

Training

Periodic Testing and Evaluation

Accountability

Security Incident Detection and Reporting

Remedial Actions


CYBER CONTRACTING

Acquisition Planning & Formation

Cybersecurity as Planning Factor
Specifications & Restrictive Requirements
Uniformity in Federal Acquisitions
Emerging Protest Issues

Contract Performance

Security Programs & Agency Approval
Contractor Access to Federal Networks
Disqualification & Due Process
Past Performance & Security Breach

Liability and Risk Allocation

Government Contractor Defense
Public Law 85-804
SAFETY Act
Cyber Insurance

Cyber War and Contractor Risks

Agency & Contractor Oversight

Congressional Oversight & Initiatives
GAO Oversight
Inspector General Oversight

Jeffery M. Chiow, Rogers Joseph O'Donnell

Jeffery M. Chiow is a Shareholder at the law firm of Rogers Joseph O'Donnell PC.  Mr. Chiow represents clients in litigation and government investigations that usually have some nexus to a government contract. He also provides counsel on business and compliance issues faced by government contractors. He is named an Up-and-Coming government contracts attorney nationally by Chambers USA® and a “Rising Star” among government contracts attorneys in Washington, DC by SuperLawyer®. Particular interests include aerospace and defense (he was a U.S. Marine Corps weapons and sensors officer in the F/A-18D Hornet before becoming a lawyer), bid protests, cybersecurity, technology services contracting, schedule contracting and contingency contracting.

Robert Metzger, Rogers Joseph O'Donnell

Mr. Metzger is a member of the firm's Government Contracts Practice Group and is the head of RJO's Washington, D.C. office. He advises leading US and international companies on cyber and supply chain security and regulatory compliance. His litigation practice includes representation of companies before administrative agencies as well as civil matters in federal and state courts. Bob is regarded as among the nation's leading experts on public contract cybersecurity requirements. In 2016, he was named a "Federal 100" awardee by Federal Computer Week, which cited his influence on both industry and government on the convergence of cyber and supply chain security. He also has extensive experience in federal and state bid protests and in controversies arising from information technology (IT) implementation projects.

MEET YOUR CONTINUING EDUCATION CREDIT REQUIREMENTS
SEE INDIVIDUAL COURSES FOR AVAILABLE CREDITS
Certificates of Completion are provided to all seminar participants who attend Federal Publications Seminars courses following the event, upon request.
NCMA: CONTRACT MANAGER CERTIFICATION
All Federal Publications Seminars courses meet the course requirements of the National Contract Management Association’s certification programs. We are a proud Education Partner of the NCMA.
CPE: CONTINUING PROFESSIONAL EDUCATION
Federal Publications Seminars is part of West Professional Development, which is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have the final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.learningmarket.org.
CPE HOURS
This Program is eligible for: 13 (CPE) hours of credit
Program Level: Basic
Program Prerequisite: None
Advance Preparation: None
Method: Live-Group
CLP: CONTINUOUS LEARNING POINTS
APPROVED FOR CLP BY
DEFENSE ACQUISITION UNIVERSITY
Defense Acquisition Workforce members must acquire 80 Continuous Learning Points (CLP) every two years from the date of entry into the acquisition workforce for as long as the member remains in an acquisition position per DoD Instruction 5000.66. We will provide you with documentation of points awarded for completing the event.
CLP HOURS
This Program is eligible for: 11 (CLP) hours of credit
CLE: CONTINUING LEGAL EDUCATION
States have widely varying regulations regarding MCLE credit. LegalEdcenter is an approved provider in AL, AK, AR, CA, GA, IL, ME, MO, MS, NC, ND, NE, NH, NJ, NM, NV, NY, OH, OK, PA, RI, SC, TN, TX, UT, VA, VI, VT, WA, WI, and WV. Credit may be applied for in other jurisdictions on request and in accordance with state MCLE rules.
** Please note that because some states are changing their policy on CLE reporting, you will need to fill out the request for credit from Federal Publications Seminars within 10 business days, or we may not be able to issue credits for the program.
CLE HOURS
This Program is eligible for: 11 (60 minutes),
PricewaterhouseCoopers, LLP
1730 Pennsylvania Ave NW
Washington, DC 20006
2027561700
100
Basic or fundamental subject matter is covered. Courses are geared to general knowledge or can be taken as a refresher.
200
Specific topics or issues within a topic area are covered. Students should be familiar with terms of art and general concepts concerning the course topic.
300
Workshops and class discussions cover specific subject matter in-depth, and participation is strongly encouraged. Attendees should have at least 2-3 years' experience in the area of study.
400
Courses build upon students' knowledge and experience, and cover complex issues within the subject matter. Should have 4-5 years' mastery of subject for in-depth analysis.
500
Masters-level programs designed for professionals with 5+ years' experience. Courses cover in-depth and technical analysis on specific subjects and updates on current issues.
Register Now for:
Cybersecurity and Government Contracting: Regulations, Implications and Compliance
By Phone
Call (888) 494-3696