ASSESSING COMMON CONTROL DEFICIENCIES IN CMMC NON-COMPLIANT DOD CONTRACTORS

Vijayaraghavan Sundararajan (12980984)

05 July 2022

<p> As cyber threats become highly damaging and complex, a new cybersecurity compliance certification model has been developed by the Department of Defense (DoD) to secure its Defense Industrial Base (DIB), and communication with its private partners. These partners or contractors are obligated by the Defense Federal Acquisition Regulations (DFARS) to be compliant with the latest standards in computer and data security. The Cybersecurity Maturity Model Certification (CMMC), and it is built upon existing DFARS 252.204-7012 and the NIST SP 800-171 controls. As of 2020, the DoD has incorporated DFARS and the National Institute of Standards and Technology (NIST) recommended security practices into what is now the CMMC. This thesis examines the most commonly identified security control deficiencies faced, the attacks mitigated by addressing these deficiencies, and suggested remediations, to 127 DoD contractors in order to bring them into compliance with the CMMC guidelines. By working with a compliance service provider, an analysis is done on how companies are undergoing and implementing important changes in their processes, to protect crucial information from ever-growing and looming cyber threats. </p>

Data security and protection

Hardware security

Software and application security

System and network security

Information security management

Security Control Deficiency

Mitigation

CMMC

NIST SP 800-171

Assessment

Control Family

Cybersecurity

Remediation

Cyber-attacks

Vulnerabilities

Biometric Multi-modal User Authentication System based on Ensemble Classifier

Assaad, Firas Souhail

January 2014

No description available.

Bioinformatics

Computer Engineering

Computer Science

Artificial Intelligence

algorithm

authentication

biometric

classifier

credentials

eigenfaces

multi-modal

recognition

score level

fusion

MFCC

Viola Jones

LBG

Mel Frequency Cepstral Coefficients

voice print

Linde Buzo Gray

ELSDSR

Yale Extended

NIST FERET

Server client

Adapting digital forensics processes for quantum computing : Insights from established industry guidelines supplemented by qualitative interviews

Svenblad, Tobias

January 2024

This thesis explores the evolving landscape of digital forensics in the context of quantum computing advancements, which challenge the foundational integrity of digital evidence. The focus is on the globally recognized digital forensic guidelines, NIST SP 800-86 and ISO/IEC 27037:2012, and their capacity to safeguard evidence against the unique capabilities of quantum systems. This thesis identifies vulnerabilities within existing forensic models through a comprehensive document analysis and expert interviews and proposes strategic modifications to enhance their robustness. Key findings suggest that traditional digital forensic methodologies, while robust under current technological standards, must address quantum data’s multi-state, entanglement, and no-cloning properties, which can fundamentally alter digital evidence. The thesis advocates for a paradigm shift in forensic processes to incorporate quantum-resistant techniques that ensure the integrity and admissibility of evidence. Additionally, it highlights the necessity for ongoing education and collaborative research to effectively adapt digital forensics to this new technological era. This research contributes to the theoretical framework and practical applications of digital forensics, aiming to future-proof forensic practices against the disruptive nature of quantum computing.

Digital forensics

quantum computing

forensic guidelines

NIST SP 800-86

ISO/IEC 27037:2012

evidence integrity

quantum-resistant techniques

quantum superposition

quantum entanglement

no-cloning theorem

forensic process adaptation

quantum forensics

digital evidence

quantum era challenges

forensic methodology

Information Systems, Social aspects