Webinar 4
The final session of this series tackles three control families that rarely get top billing but are frequently where breaches begin. Dr. Ron Ross explains why System Maintenance, Physical Security, and Personnel Security are essential pillars of a defense-in-depth strategy — and what organizations consistently get wrong. If you think these controls are just boxes to check, this session will change your perspective.
Webinar 3
This session shows you exactly what assessors look for when validating that your controls actually work—not just exist on paper. Dr. Ron Ross examines Risk Assessment, Security Assessment, Awareness & Training, and Incident Response and reveals why traditional risk assessments overcomplicate CUI protection and why your system security plan determines assessment success.
Webinar 2
Technology controls are where well-prepared contractors still get tripped up. Dr. Ron Ross — author of NIST SP 800-171 — breaks down Configuration Management, System & Information Integrity, Maintenance, and Media Protection: what assessors look for, where contractors fall short, and how to account for CUI across every device and backup.
Webinar 1
Dr. Ron Ross breaks down the four foundational control families every contractor must get right before anything else: Access Control, Identification & Authentication, Audit & Accountability, and System & Communications Protection. What the requirements actually mean, how they work together, and what assessors expect to see.
