Profile

CommunityPlatform_1350x900.jpg

Mike Lanham

Edit My Profile

My Content

1 to 20 of 23 total

RE: Role/Security in Non-IT Administered Applications

Posted By Mike Lanham 10-31-2022 06:05:00 AM
Found In Egroup: NIST 800-171 Compliance \ view thread
I am no longer at the US Military Academy, but the way we deliberate wrote policy is if an element of the Academy (e.g., Admissions, Athletics, Academic Departments) that did not leverage the institutional IdAM that they had the responsibilities to perform IdAM Maintenance and demonstrate evidence of ...

RE: In Search Of - Vulnerability Management Process management system

Posted By Mike Lanham 08-03-2022 09:01:00 AM
Found In Egroup: Cybersecurity \ view thread
Peter and community Yes, definitely looking for ways to break silos...what I have been surprised at is the lack of other feedback... I have seen one other person asking to be included in what I findI have seen one other person (Peter Iuo) saying tool X may do what you needAny thoughts on how I should ...

In Search Of - Vulnerability Management Process management system

Posted By Mike Lanham 07-27-2022 05:52:00 AM
Found In Egroup: Cybersecurity \ view thread
I am in search of a system (undefined, other than inputs, process, outputs :-)) that can help with continuous monitoring and management of vulnerability findings in a system. I had this search in my last .edu job and in my current .com job. I strongly suspect one or more commercial tools (or .gov at ...

RE: KnowBe4 Alternatives

Posted By Mike Lanham 07-08-2022 10:02:00 AM
Found In Egroup: Cybersecurity \ view thread
NINJIO, I loved their training, though we had a different integrated phishing simulation tool I used in a past job. -- Regards, Michael Michael Lanham, PhD, CISSP, GPEN ... vCISO, Black Talon Security, LLC P: 800-683-3797 O: 914-688-1690 C: 845-728-5769Email: michael.lanham@blacktal ...

RE: KnowBe4 Alternatives

Posted By Mike Lanham 07-06-2022 09:24:00 AM
Found In Egroup: Cybersecurity \ view thread
My old institution used NINJIO for training and like Renee, O365 phishing sim in the A5 license to do the simulations. R/ Mike Michael Lanham, PhD, vCISO Black Talon Security, LLC P: 800-683-3797 O: 914-688-1690 C: 845-728-5769

RE: Good afternoon, Just joined....

Posted By Mike Lanham 06-03-2022 08:41:00 AM
Found In Egroup: NIST 800-171 Compliance \ view thread
Welcome Doug! Go Wolfpack ('92)! FWIW, I had dropped a boat load of 800-53 (20+) policies from US Military Academy's effort to implement 800-53 (the superset of 800-171) as an .edu (and DoD). They may (or may not) provide ideas or data points that are useful to yourself. R/ Mike -- Regards, ...

US Military Academy is searching for a new CISO

Posted By Mike Lanham 04-18-2022 05:34:38 AM
Found In Egroup: CIO \ view thread
The US Military Academy is searching for a new Chief Information Security Officer (CISO). Applications must flow through the USAJobs web site and here is the link: https://www.usajobs.gov/job/648742700 . I did the job for 4+ years and left only because I was wanting to try something other than Government ...

RE: Compliant Communication Platforms (VOIP, Zoom, Teams..)

Posted By Mike Lanham 04-14-2022 02:09:00 PM
Found In Egroup: NIST 800-171 Compliance \ view thread
FWIW, 800-171 is a subset of 800-53 and O365/A3 and A5 are both listed as 800-53 compliant (at least on the vendor side of the equation). R/ Mike

NIST 800-53 policies for .edu posted to the files library

Posted By Mike Lanham 03-08-2022 06:21:00 PM
Found In Egroup: NIST 800-171 Compliance \ view thread
Team, I just posted the newest batch of 21 policies that the US Military Academy developed for its implementation of the NIST 800-53 framework. I hope these save someone, somewhere, at least a little bit of work. You may contact the team at cyber@westpoint.edu if you want additional information. ...

US Military Academy's Exemplar Policies based on NIST 800-53

Posted By Mike Lanham 03-08-2022 06:13:31 PM
Found In Library: HEISC 800-171 Compliance
The attached ZIP file has 21 MS Word documents in it that are the newest batch of policies authored by the US Military Academy. Obviously NIST 800-53 is a superset of controls and assessment procedures captured in 800-171, so we hope that you find these useful and that they save you some time. Starting ...

Job Posting: CISO at US Military Academy at West Point, NY

Posted By Mike Lanham 02-07-2022 09:45:00 AM
Found In Egroup: Cybersecurity \ view thread
Good Morning Everyone, The US MIlitary Academy at West Point, NY is seeking to hire a Chief Information Security Officer (CISO). The Academy is the Army's premier leadership institution with 4,400 undergraduate-only students, 2,500 faculty and staff, and also directly supports the USMA Preparatory ...

Job Posting: CISO at US Military Academy at West Point, NY

Posted By Mike Lanham 02-07-2022 09:44:37 AM
Found In Library: Security

RE: Headcount of Information Security Team

Posted By Mike Lanham 11-29-2021 06:24:00 AM
Found In Egroup: Cybersecurity \ view thread
To add clarity...this teams is heavily focused on NIST 800-37 and NIST 800-53 implementation, with special emphasis on the continuous monitoring and attempting to keep leadership informed and engaged about risk decisions. By mutual agreement with CTO and myself (CISO), Cyber does not turn knobs ...

RE: Headcount of Information Security Team

Posted By Mike Lanham 11-29-2021 06:13:00 AM
Found In Egroup: Cybersecurity \ view thread
11 total, 7,250ish students, S&F, contractors...excluding all the applicants, and others involved in the admissions processes Myself, CISO...trying to get to Strategy, 2-4 years out...normally barely ability to get focused on 180 days out DeputyCISO...focused on day to day ops and anything known ...

RE: IAM and/or policies/governance for RPA

Posted By Mike Lanham 11-29-2021 05:59:00 AM
Found In Egroup: Cybersecurity \ view thread
Is RPA in this context robotic process automation? Michael J. Lanham, Ph.D. Chief Information Security Officer (CISO) & Associate Professor of Computer Science (Office) 845-768-3982 (Gov cell) 845-239-3022 michael.j.lanham.civ@army.mil WREN Issues? 1-877-326-8762 (24/7/365) or help.westpoint.edu ...

RE: New OmniSOC members

Posted By Mike Lanham 11-29-2021 05:57:00 AM
Found In Egroup: Cybersecurity \ view thread
I don't know if they are looking at supporting non USG .edu entities, but Naval Post Graduate School is working to build out their capacity to do SOC aaS. R/ Mike Michael J. Lanham, Ph.D. Chief Information Security Officer (CISO) & Associate Professor of Computer Science (Office) ...

Posted Documents for NIST 800-53....

Posted By Mike Lanham 11-29-2021 05:55:00 AM
Found In Egroup: NIST 800-171 Compliance \ view thread
Morning everyone. I dropped a collection of policy documents developed at US Military Academy here, https://connect.educause.edu/viewdocument/us-military-academy-policies-exempl?CommunityKey=5f3061cd-b060-45c1-b0f0-c105c953a66d&tab=librarydocuments I hope you find them useful. R/ Mike

RE: Policy Documents in support of implementing NIST 800-53

Posted By Mike Lanham 11-29-2021 05:48:00 AM
Found In Egroup: Cybersecurity \ view thread
Morning Everyone... I dropped the documents here, https://connect.educause.edu/viewdocument/us-military-academy-policies-exempl?CommunityKey=5f3061cd-b060-45c1-b0f0-c105c953a66d&tab=librarydocuments I hope you find them useful. R/ Mike Michael J. Lanham, Ph.D. Chief Information ...

RE: Policy Documents in support of implementing NIST 800-53

Posted By Mike Lanham 11-19-2021 01:19:00 PM
Found In Egroup: Cybersecurity \ view thread
I have also cross posted the documents to the 800-171 community as Brian suggested! R/ Mike Michael J. Lanham, Ph.D. Chief Information Security Officer (CISO) & Associate Professor of Computer Science (Office) 845-768-3982 (Gov cell) 845-239-3022 michael.j.lanham.civ@army.mil ...

US Military Academy Policies Exemplars for NIST 800-53

Posted By Mike Lanham 11-19-2021 01:17:25 PM
Found In Library: HEISC 800-171 Compliance
Cross-posting from the security community, though moderators are free to remove duplicate content... This collection of docx files are from the US Military Academy (USMA) in West Point, NY. There are 20+ files, of which one is a 'Regulation' signed by my equivalent to the college President. ...