Damon Armour

Director of Information Security, Risk & Assurance
North Carolina State University
Raleigh, North Carolina,
UNITED STATES

Biography

20+ years in Information Technology roles. 14+ years in a leadership role in Information Security. Of those 20+ years, over 15 have been at state funded academic institutions. In addition, I earned my MBA in May 2008, which greatly aided me in fulfilling my goal of integrating information security into all facets of an entityʼs operations. To formalize my information security experience, I obtained a CISSP certification in May 2011, a CISM certification in September 2012 and recently a GIAC Strategic Planning, Policy, and Leadership (GSTRT) in 2019. Focus areas: Data Governance/Management IT/Cybersecurity Strategic Planning IT Risk Management Policy, Compliance Cybersecurity Awareness, Education & Training IT Governance, Risk & Compliance solutions NIST 800-171, CSF, RMF Privacy Frameworks

EDUCAUSE Publications

NIST SP 800-171 Overview
- September 16, 2022
- Policies, Guidelines, Plans and Toolkits
- Author
This overview provides a review of the timeline that introduced NIST SP 800-171 "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations" as a compliance framework, an overview of the control families for the 110 controls and a discussion of the impacts and concerns for higher education.
NIST SP 800-171 Toolkit
- September 16, 2022
- Policies, Guidelines, Plans and Toolkits
- Author
In this toolkit, you will find an overview of NIST SP 800-171 and its implications for higher education, questions to ask during project planning, 7 Things You Should Know About CMMC to use when speaking with stakeholders and leadership, and a customizable control evaluation.
7 Things You Should Know About Cybersecurity Maturity Model Certification (CMMC)
- September 15, 2022
- Briefs, Case Studies, Papers, Reports
- Contributor
The Cybersecurity Maturity Model Certification (CMMC) is a set of policies and practices that address the protection of federal Controlled Unclassified Information (CUI) data through administrative, physical, and technical controls.

See All Publications by Damon Armour

EDUCAUSE Presentations

Advanced System Security Plan Workshop (Separate Registration is Required)
- Cybersecurity and Privacy Professionals Conference, May 1
Taking CMDB to the Next Level by Capturing Data Inventory on Assets that Will Automate GRC Efforts
- Cybersecurity and Privacy Professionals Conference, May 4

See All Presentations by Damon Armour

Memberships

EDUCAUSE

Member

EDUCAUSE Involvement

NIST 800-171 Compliance Toolkit
- Member: 2021 - 2022

Damon Armour

Director of Information Security, Risk & Assurance

North Carolina State University

Raleigh, North Carolina, UNITED STATES

Biography

EDUCAUSE Publications

NIST SP 800-171 Overview

NIST SP 800-171 Toolkit

7 Things You Should Know About Cybersecurity Maturity Model Certification (CMMC)

EDUCAUSE Presentations

Advanced System Security Plan Workshop (Separate Registration is Required)

Taking CMDB to the Next Level by Capturing Data Inventory on Assets that Will Automate GRC Efforts

Memberships

EDUCAUSE Involvement

NIST 800-171 Compliance Toolkit

Raleigh, North Carolina,
UNITED STATES