Webinar Replay


Guest speaker Scott Giordano discusses how data discovery and data classification, when combined with information security frameworks help bring organizations into compliance with a myriad of regulations, including the GDPR. 

October of 2016, the U.S. Department of Defense published the final version of Safeguarding Covered Defense Information and Cyber Incident Reporting (DFARS 252.204-7012).  The rule requires contractors to establish information security controls based on NIST SP 800-171 and to notify the DoD of a cybersecurity breach within 72 hours.  Moreover, these requirements must be flowed down to subcontractors. 

Much of the challenge in complying with the rule is in determining where Controlled Unclassified Information (CUI) lies throughout your organization and labeling it in a way that leverages the data protection abilities of data loss prevention (DLP) and other tools you already have in place.  Data Discovery & Classification (DD&C) represents the ability to examine your entire information ecosystem in real time, identify a variety of sensitive data types, and apply the labels that will both assist in meeting the requirements of 800-171 and effectively proving it to prime contractors or the DoD.  With a December 31 deadline looming, getting a compliance program in place has become imperative for many in the aerospace and defense industry. 

In this session, industry veterans will offer their perspectives on using DD&C to meet 7012 ahead of the deadline, including: 

  • Controlled Defense Information (CDI) vs. Controlled Unclassified Information (CUI) and why it matters
  • DD&C capabilities vs. traditional discovery tools
  • How DDC fits into 800-171
  • Rationalizing multiple information security and privacy requirements with one effort

Who should attend: Federal employees and contractors in information security and cyber security, also Information Officers including CIOs, Information Security Directors, Staff Attorneys, Privacy and Compliance

Watch Now
Beating the DFARS 7012 Compliance Deadline
with Data Discovery & Classification
Scott Giordano
Esq., FIP, CISSP, CIPP/US/E/C, CIPT, CIPM
Webinar