The Pentagon’s newly implemented Cybersecurity Maturity Model Certification (CMMC) rule is receiving a mixed reaction from lawmakers on Capitol Hill. […]
The U.S. Army is launching a pilot program to help small businesses meet the cybersecurity requirements of the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program, as the Pentagon moves to integrate these standards into defense contracts. […]
After a lengthy series of revisions and what feels like an eternity in regulatory limbo, the Department of Defense’s (DoD) long-awaited cybersecurity compliance policy has finally arrived. […]
After what feels like an eternity in regulatory limbo, the Department of Defense’s (DoD) long-awaited cybersecurity compliance policy cleared the regulatory review process, moving toward Congressional review before it becomes law. […]
The Department of Defense (DoD) is on the verge of implementing a key aspect of its Cybersecurity Maturity Model Certification (CMMC) program, following the completed review of a proposed rule that will modify the Defense Federal Acquisition Regulations. […]
While implementing a zero trust architecture in the Federal government can often feel like a compliance activity, cybersecurity experts on Tuesday stressed that it’s more than just meeting standards and requirements – it’s about protecting your intellectual property and people. […]
The Pentagon submitted its proposed rule to implement the Cybersecurity Maturity Model Certification (CMMC) program to the White House for review in July and is now gearing up for the next phase of the rulemaking process: industry comments. […]
The Department of Defense (DoD) on Monday submitted its proposed rule to implement the Cybersecurity Maturity Model Certification (CMMC) program to the Office of Management and Budget (OMB) for review. […]
The Department of Defense is collaborating with Federal civilian agencies to impose a new Federal Acquisition Regulation (FAR) rule that would apply new Cybersecurity Maturity Model Certification (CMMC) requirements to vendors that handle controlled unclassified information, according to the DoD CMMC lead. […]
More than 87 percent of Pentagon supply chain contractors have failed minimum cybersecurity regulations, a new report by CyberSheath said. […]
While the Department of Defense’s (DoD) new Cybersecurity Maturity Model Certification (CMMC) program seeks to significantly improve the way its contractors store and protect sensitive data, it cannot direct industry on what actions they need to take to be CMMC compliant, said the DoD CMMC lead. […]
By: Kyle Dimitt, Principal Engineer, Compliance Research at LogRhythm Supply chain attacks have been on the rise across the globe, as we saw with targeted attacks against SolarWinds and Kaseya. The spike has created a large risk in the Federal government since industry supply chains don’t necessarily have to adhere to a set level of […]
President Biden is nominating Radha Iyengar Plumb to serve as the next Deputy Under Secretary of Defense for Acquisition and Sustainment, the White House announced June 15. Plumb currently serves as the chief of staff for the Deputy Secretary of Defense and has a history in industry, as well. […]
As the exclusive assessor partner for the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program, the Cybersecurity Maturity Model Certification Accreditation Body has worked to make itself an accessible partner for the Defense Industrial Base. […]
The fiscal year (FY) 2023 National Defense Authorization Act (NDAA) continued to take shape today as the House Armed Services Subcommittee on Cyber, Innovative Technologies, and Information Systems voted to approve its markup of language related to cybersecurity and other tech matters that likely will be featured in the NDAA. […]
President Biden has nominated Laura Taylor-Kale to be the next assistant secretary of Defense for Industrial Base Policy, the White House announced May 13. […]
The Department of Defense (DoD) is in the process of updating the Code of Federal Regulations (CFR) to include the Cybersecurity Maturity Model Certification (CMMC) 2.0 program, and DoD’s Principal Deputy CIO Kelly Fletcher said that an updated CFR should be available for public comment by March 2023. […]
Rep. Elissa Slotkin, D-Mich., said today that in a world free of constraints she would want companies to need cybersecurity hygiene certifications in order to deal with the Federal government. […]
After a lengthy internal review process, the Department of Defense (DoD) released its Cybersecurity Maturity Model Certification (CMMC) 2.0 requirements in November and is now in the early stages of a rulemaking process to implement the revised program. […]
The Department of Defense (DoD) expects around 80,000 Defense Industrial Base (DIB) contractors will need a third-party assessment to reach Level 2 compliance for the Cybersecurity Maturity Model Certificate (CMMC) 2.0 program – double the previously estimated number of companies. […]
In a reorganization of responsibilities, the Department of Defense (DoD) has put the Cybersecurity Maturation Model Certificate (CMMC) program under the oversight of the DoD’s Office of the CIO (OCIO), a shift from being the responsibility of the Under Secretary of Defense for Acquisition and Sustainment (A&S), according to a Feb. 3 release. […]
The Accreditation Board (CMMC-AB) for the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program has elected Vice Chair Jeff Dalton to be its next CMMC-AB Chair, the board announced Dec. 20. […]
Despite the Department of Defense’s (DoD) efforts to add its Cybersecurity Maturity Model Certificate (CMMC) program to its acquisition process beginning in 2021 and up until full implementation in fiscal year (FY) 2026, a new report from the Government Accountability Office (GAO) found that DoD has not met its implementation goals, nor properly communicated key decisions with industry. […]
A top network security official with the Department of Homeland Security (DHS) – which is developing its own plans to evaluate contractor cybersecurity – aired some concerns this week with recent changes that the Defense Department (DoD) announced with its own Cybersecurity Maturity Model Certification (CMMC) program. […]
After a lengthy review process, the Department of Defense today issued an update to its Cybersecurity Maturity Model Certification (CMMC) program – dubbed CMMC 2.0 – that will simplify some of the cybersecurity requirements for contractors in the Defense Industrial Base (DIB) looking to do business with the government. […]
Industry groups are pressing Deputy Secretary of Defense Kathleen Hicks and the Department of Defense (DoD) to publicly reaffirm the Pentagon’s commitment to is Cybersecurity Maturity Model Certification (CMMC) program. […]
The Department of Homeland Security (DHS) is launching a “pathfinder assessment” to look into a cybersecurity compliance program for its supply chain base – similar to the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program that has been in the works for more than two years. […]
The Department of Energy (DoE) has released an updated version of its Cybersecurity Capability Maturity Model (C2M2) with updates to address the cybersecurity of critical infrastructure, DoE’s Cybersecurity, Energy Security, and Emergency Response (CESER) unit announced July 21. […]
Katie Arrington is currently on leave as the Department of Defense’s (DoD) chief information security officer (CISO) for acquisition and sustainment, a DoD spokesperson confirmed to MeriTalk. […]
The Accreditation Board (CMMC-AB) for the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) has approved the first Certified Third-Party Assessment Organization (C3PAO) in the Defense Industrial Base (DIB), the CMMC-AB announced today. […]