Profile

CommunityPlatform_1350x900.jpg

Jay Gallman

Edit My Profile

My Content

1 to 20 of 50+ total

No 800-171 Compliance CG meeting today!

Posted By Jay Gallman 07-16-2024 08:30:00 AM
Found In Egroup: NIST 800-171 Compliance \ view thread
In case you were away for last month's meeting, the July meeting was cancelled, we will resume as schedule in August. Stay cool! ------------------------------ Jay Gallman Duke University Risk Advisor ------------------------------

RE: StateRamp: Has anyone here heard of it?

Posted By Jay Gallman 07-09-2024 10:29:31 AM
Found In Egroup: Cybersecurity and Privacy Governance, Risk, and Compliance \ view thread
Nat, Interestingly I had a look at Participating Governments - StateRAMP. I was surprised at the listings for my own state of NC, as I'd not heard this mentioned by any of my colleagues in the systems noted there, but that doesn't mean anything. I think the map suggests just how much mileage will ...

RE: Is anyone utilizing SBOMs alongside HECVATs?

Posted By Jay Gallman 06-25-2024 12:59:26 PM
Found In Egroup: HECVAT Users \ view thread
As some of the others have stated, I think if they were more readily available, I'd certainly make use of them. To be of maximum benefit though I'd need to be able to ingest them as a standard record format, into a DB/Tool that would then allow them to be searchable. In short what I need is quick access ...

Vendor understanding for Network Security questions

Posted By Jay Gallman 06-25-2024 12:54:33 PM
Found In Egroup: HECVAT Users \ view thread
So, the following is strictly opinion based on reading through hundreds of HECVATs over the past few years. I believe that some clarification is needed around the questions for Network security to note whether the intention is for the vendor to address those around their cloud infrastructure, employee ...

RE: Survey and June Meeting Agenda

Posted By Jay Gallman 06-17-2024 09:40:13 AM
Found In Egroup: NIST 800-171 Compliance \ view thread
Good morning, we've only had 17 responses to the survey so far. To facilitate our organizing future meetings to best benefit your needs, we need to know what matters to you. This will take you two minutes tops. 800-171 Compliance Member Needs Survey (alchemer.com). Thanks much, and see everyone ...

May Meeting Agenda Tuesday May 21st 11:00 AM EDT

Posted By Jay Gallman 05-14-2024 09:09:00 AM
Found In Egroup: NIST 800-171 Compliance \ view thread
Good morning, here's our agenda for next week. EDUCAUSE update Items CPPC 24 take-aways - Share with community what sessions were impactful for you and why? CG leadership change - As co-chairs since the inception of the CG in 2021, Nadim and Jay will be stepping down from that role at the ...

RE: If you're coming to Minneapolis next week...

Posted By Jay Gallman 04-26-2024 10:38:00 AM
Found In Egroup: NIST 800-171 Compliance \ view thread
Laura, My understanding is that some of the tables at lunch on Thursday will have tabletop tents denoting certain topics so that folks can pick a table and discuss that topic. and Research Security will be one of those. @Nichole Arbino can correct me if I've misspoken. Best, ...

If you're coming to Minneapolis next week...

Posted By Jay Gallman 04-25-2024 10:56:00 AM
Found In Egroup: NIST 800-171 Compliance \ view thread
There will be a table for Research Security at Thursday's BoF lunch, so hope you can join us. I'm fond of the EDUCAUSE App, if you load it, please feel free to reach out and connect! Until then safe travels! ------------------------------ Jay Gallman Duke University Risk Advisor ------ ...

800-171 CG April 16th 11:00 AM EDT - NSPM-33 Readiness Deep Dive Continued

Posted By Jay Gallman 04-10-2024 05:51:00 AM
Found In Egroup: NIST 800-171 Compliance \ view thread
At our March meeting, we looked at the cyber specific controls in NSPM-33 and applied them to some broad areas of compute that are typical to our campuses. Those categories were: Secure systems and enclaves with SSPs Computational facilities managed by central IT Computational facilities ...

Understanding the False Claims Act

Posted By Jay Gallman 03-26-2024 12:40:00 PM
Found In Egroup: NIST 800-171 Compliance \ view thread
The following video is a good one to share to your campus colleagues involved in compliance beyond the cybersecurity ones. It's a good overview of the False Claims Act and how it works and at the end touches on the two cases that have been mentioned involving Higher Ed. The False Claims Act and The DOJ's ...

800-171 CG March 19th 11:00 AM EDT - NSPM-33 Readiness Deep Dive

Posted By Jay Gallman 03-12-2024 02:49:00 PM
Found In Egroup: NIST 800-171 Compliance \ view thread
Good afternoon, In our February meeting, we discussed selecting some of the issues identified as being of concern in the January Regulated Research Community of Practice Meeting and using them as a focus on our efforts for our coming meetings. As a result of that as CMMC continues to move along, ...

NIST SP 800-171 CG Meeting 2/21

Posted By Jay Gallman 02-13-2024 12:21:00 PM
Found In Egroup: NIST 800-171 Compliance \ view thread
Good afternoon, A quick reminder that tomorrow's Regulated Research Community of Practice meeting will feature Jacob Horne, a national leader who's made it his business to translate regulations into likely impact. Jacob is the Chief Cybersecurity Evangelist with Summit 7 and someone who's become ...

January 16th 11:00 AM Meeting Notice for the 800-171Compliance Group

Posted By Jay Gallman 01-09-2024 12:57:00 PM
Found In Egroup: NIST 800-171 Compliance \ view thread
Good afternoon, I trust everyone had an enjoyable holiday season, and hopefully a restful one as well. We find ourselves fully in RFC (request for comment) season, and so we thought we'd take this meeting to share what the closing deadlines are and what EDUCAUSE is drafting under @Jarret Cummings ...

Next Tuesday's 800-171 CG Agenda (remember it's 11:00 EST)

Posted By Jay Gallman 11-17-2023 12:59:00 PM
Found In Egroup: NIST 800-171 Compliance \ view thread
Good afternoon, My apologies for the late notice in getting out next week's agenda. Updates from EDUCAUSE - 800-171R3 This month's RRCoP assessment presentation from UCSD: Regulated Research Community of Practice - RRCoP Recordings and Presentations - any follow up questions ...

RE: RRCoP - Nov 8th - Debrief on CMMC Learning Assessment

Posted By Jay Gallman 11-09-2023 01:23:00 PM
Found In Egroup: NIST 800-171 Compliance \ view thread
Good afternoon, In case you missed yesterday's presentation from Carolyn and her UCSD colleagues, as well as one of their CMMC assessors, it's much watch YouTube and available here: 2023 11 UCSD Learning Assessment - YouTube, and as a bonus you'll find the Q&A here: 2023_11_ UCSD - CMMC Mock Assessment ...

800-171 Compliance CG - October 17 Meeting 11:00 AM

Posted By Jay Gallman 10-12-2023 05:40:00 AM
Found In Egroup: NIST 800-171 Compliance \ view thread
Good morning, As several of us have been conferencing this month, we'll use a portion of the meeting to share what we've learned that may be of interest to the broader community. The following Federal Register notice was published 10/3/2023 and is something we should address as a community ...

Regulated Research Community of Practice today

Posted By Jay Gallman 10-11-2023 06:44:00 AM
Found In Egroup: NIST 800-171 Compliance \ view thread
I thought today's RRCoP session would be of interest to many in our CG. Note these are recorded, so if you're unable to make it, you can certainly catch it later. Today RRCoP be hearing from CU Boulder on their "CMMC Environment Gap Analysis Lessons Learned". I hope you can join us for the live ...

Default Weighting for InCommon Membership AAAI07

Posted By Jay Gallman 09-25-2023 10:04:00 AM
Found In Egroup: HECVAT Users \ view thread
Good afternoon, Single Sign On with Shibboleth, is a key consideration for Duke. InCommon is more of a nice to have extra. As such I'm wondering if anyone can explain the wisdom where AAAI01default is 25 points and AAAI07 is 40 points? I realized it's easy enough to change and do so but wondered if I'm ...

RE: September 19th Meeting - Last 10:30 EDT/EST edition

Posted By Jay Gallman 09-13-2023 06:45:00 AM
Found In Egroup: NIST 800-171 Compliance \ view thread
My apologies to Wendy Epley for the misspelling of her last name in my initial mail! ------------------------------ Jay Gallman Duke University Risk Advisor ------------------------------

September 19th Meeting - Last 10:30 EDT/EST edition

Posted By Jay Gallman 09-13-2023 06:33:00 AM
Found In Egroup: NIST 800-171 Compliance \ view thread
Good morning, I trust all is well and that your school years have settled into a normal routine. This will mark our final 10:30 meeting time, and we will shift to an 11:00 AM time starting with the October meeting. Our agenda is follows: EDUCAUSE Team announcements Nichole/Joe - ...