<div dir="ltr">I recommend my old company: <a href="http://yesexactly.com">Yes Exactly</a>.  <div><br></div><div><br clear="all"><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><span style="font-size:small;font-style:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);color:rgb(102,102,102);font-family:tahoma,sans-serif"><div>Tess Gadwa</div></span><div style="text-align:start;text-indent:0px;background-color:rgb(255,255,255)"><span style="color:rgb(19,79,92);font-family:arial,sans-serif;font-style:normal;letter-spacing:normal;text-transform:none;white-space:normal;word-spacing:0px"><font size="1" face="tahoma, sans-serif"><b><br></b></font></span><div><font size="1" color="#666666" style="color:rgb(34,34,34);font-family:arial;font-size:small;font-style:normal;font-weight:normal;letter-spacing:normal;text-transform:none;white-space:normal;word-spacing:0px"><font size="2"><span style="color:rgb(19,79,92)"><span style="font-family:tahoma,sans-serif"><b>PDX Local</b>    <span style="color:rgb(19,79,92)"><a href="https://pdxlocal.net" target="_blank">pdxlocal.net</a></span></span></span></font></font><font size="1" color="#666666" style="color:rgb(34,34,34);font-family:arial;font-size:small;font-style:normal;font-weight:normal;letter-spacing:normal;text-transform:none;white-space:normal;word-spacing:0px"><span style="font-family:tahoma,sans-serif"><br></span></font></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Jan 16, 2020 at 2:14 PM Kristie Stauch-White via Hidden-discuss <<a href="mailto:hidden-discuss@lists.hidden-tech.net">hidden-discuss@lists.hidden-tech.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div dir="ltr">FTL Labs Corporation is a small R&D business in Amherst that does much of its work for the Department of Defense. The Cyber Security regulations are becoming more complex and we could use an outside consultant to help us establish best practices. The federal regulations that apply to us can be found <a href="https://csrc.nist.gov/publications/detail/sp/800-171/rev-1/final" target="_blank">here</a>.</div><div dir="ltr"><br></div><div dir="ltr">Tasks may include:</div><div dir="ltr"><span id="gmail-m_-3050469955981587415gmail-docs-internal-guid-1454f1ab-7fff-87f4-86b0-7a6d9465a895"><ul style="margin-top:0px;margin-bottom:0px"><li dir="ltr" style="list-style-type:disc;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">Create a Policies document, listing each of the security controls as FTL policies</span></p></li><li dir="ltr" style="list-style-type:disc;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">Create a Procedures (or Standard Operating Procedure (SOP)) document </span></p></li><li dir="ltr" style="list-style-type:disc;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">Create a System Security Plan</span></p></li><li dir="ltr" style="list-style-type:disc;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">Get a DoD-approved medium assurance PKI certificate so we can report security incidents to the DoD</span></p></li><li dir="ltr" style="list-style-type:disc;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">Figure out a security monitoring system (like Nagios), which probably needs to monitor the firewall (and hopefully not everyone’s individual machines), for a continuous monitoring solutionCreate a Plan of Actions and Milestones document to notate any controls that have not been met and a plan of actions and milestone dates for meeting the controls</span></p></li><li dir="ltr" style="list-style-type:disc;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">Implement the technical solutions that are required, based on the previous documents</span></p></li><li dir="ltr" style="list-style-type:disc;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">Create an Incident Response Plan to comply with the requirements of incident response, including protocols for contact and reporting to Dibnet.</span></p></li><li dir="ltr" style="list-style-type:disc;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">Create or find existing Cybersecurity awareness training program for yearly employee training.</span></p></li></ul></span></div><div dir="ltr"><br clear="all"><div><div dir="ltr"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><span><div><font size="2"><br></font></div><div><font size="2">Kristie Stauch-White</font></div><div><font size="2">VP of Operations and Technology</font></div><div><font size="2">pronouns: she/her</font></div></span><font size="1"><img src="https://docs.google.com/uc?export=download&id=0B2FaRq4FXgFpbldsT2xZRjRiOEk&revid=0B2FaRq4FXgFpYXJhckh6RlNXc3FkYVU0bmpCVjdaT2ZnaWF3PQ" width="200" height="35"></font><br><div><font size="2"><a href="http://www.ftllabscorp.com/" style="color:rgb(17,85,204)" target="_blank">www.ftllabscorp.com</a></font></div></div></div></div></div></div></div></div></div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><br>
</blockquote></div></div>

<br>
<div><img src="http://www.ftllabscorp.com/site/sites/default/files/ftl-signature-logo.jpg"></div><div>FTL Labs Corporation</div><div><a href="http://www.ftllabscorp.com" target="_blank">www.ftllabscorp.com</a></div><div>479 West Street Suite 48, Amherst, MA 01002</div><div>(413) 992-6075</div><div><br></div><div><span style="color:rgb(136,136,136);font-size:small">CONFIDENTIALITY 
NOTICE: This e-mail communication and any attachments may contain 
confidential or privileged information for the use of the designated 
recipients named above. If you are not the intended recipient, you are 
hereby notified that you have received this communication in error and 
that any review, disclosure, dissemination, distribution, or copying of 
it or its contents is prohibited. If you have received this message in 
error, please promptly notify the sender or <a href="mailto:admin@ftllabscorp.com" target="_blank">admin@ftllabscorp.com</a></span><span style="color:rgb(136,136,136);font-size:small"> and immediately delete this message and any attachments from your system.</span></div><br>_______________________________________________<br>
Hidden-discuss mailing list - home page: <a href="http://www.hidden-tech.net" rel="noreferrer" target="_blank">http://www.hidden-tech.net</a><br>
<a href="mailto:Hidden-discuss@lists.hidden-tech.net" target="_blank">Hidden-discuss@lists.hidden-tech.net</a><br>
<br>
You are receiving this because you are on the Hidden-Tech Discussion list.<br>
If you would like to change your list preferences, Go to the Members<br>
page on the Hidden Tech Web site.<br>
<a href="http://www.hidden-tech.net/members" rel="noreferrer" target="_blank">http://www.hidden-tech.net/members</a><br>
</blockquote></div>