Please note: Virtual Courses are NOT included in an FPSOnline Professional Subscription. You can upgrade to an FPSOnline Premium Subscription to view all Virtual Courses PLUS all live and on-demand webinars and webinar series included in the FPSOnline Professional Subscription. Learn more >>

Digital transformation has been constantly accelerating over the last 25 years.  Foundational cybersecurity laws such as the E-Government Act of 2002, which included the Federal Information Systems Management Act (FISMA) were written at the turn of the 21st Century. The first half of the 2010’s saw the rapid proliferation of cyber threats from criminals and nation states, both threatening the functioning of essential Government services and eroding U.S. technological advantages in military, space and national security technologies. These ubiquitous malicious cyber actors pose a clear and present danger to the safety, security and privacy that Americans expect their Government to provide.The rapidly evolving technological and threat environment poses a challenge to the Nation’s intentionally slow and deliberate legislative and regulatory processes.

Government contractors play a major role in developing and delivering products and services to the Government, but reliance on contractors introduces additional avenues of potential cyber threats.  Since 2015, the Departments of Defense (DoD) and Homeland Security (DHS), the General Services Administration (GSA), the National Archives and Records Administration (NARA) and the National Institute of Standards & Technologies (NIST), have played key roles in developing and implementing policies and technologies to enhance the Nation’s cybersecurity.  These include DoD’s Safeguarding Covered Defense Information and Cyber Incident Reporting Rule (“DFARS -7012”), NIST’s Special Publication 800-171 (“SP 800-171”), GSA’s FedRAMP Program, and the new Cybersecurity Maturity Model Certification (CMMC) initiative.
These regulations, though confusing and cumbersome, are the first defense to keeping data and information secure as well as protecting the intellectual property of organizations. 

In this day-long program which kicks off a full week of lectures and hands-on interactive exercises, you will learn about:

Cyber Threats and Legal/Regulatory Responses
OPM Breach; NotPetya; Solarwinds; Hafnium; Navy SeaDragon; Insider Threats

The Framework of Cybersecurity Law 
FISMA (2002); Cybersecurity Information Sharing Act (2015); Cybersecurity and Infrastructure Security Agency Act (2018); Executive Orders concerning Cybersecurity (2021), Controlled Unclassified Information (2010) ,and Critical Infrastructure Security (2013); OMB Guidance; NARA’s CUI Rule; NIST SP’s 800-171, 800-53 and others; DoD and other Agency Rules; and the CMMC Initiative

Privacy Laws and Cybersecurity
The Privacy Act; The FAR Regulations; Fair Information Practices; HIPAA (Health Insurance Portability and Accountability Act); State Security Breach Laws; Data Breach Litigation; General Data Protection Regime (GDPR)

Cloud Computing, Security and Acquisitions
Defining the Cloud; Cloud Basics; Securing the Cloud; The FedRAMP Program; Cloud Acquisition; Cyber Risks

Upon completion, you will:

• Identify the regulatory framework guiding cyber policy
• Identify and determine the laws governing cyber related issues
• Determine which regulations your organization may need to comply when doing business with the government
• Understand the framework and organizations driving the cyber laws.