The rulemaking is largely what CMMC insiders expected, but it still raises questions, like how the certification program will impact external IT service providers.
Before their finalization, the proposed rules received over 200 comments from industry groups, universities and legal firms. Many of them highlight the complexities of cyber incident reporting and the many potential conflicts it has with the transparency the SEC seeks to provide investors.
The Energy Department created standard training courses to ensure employees have a baseline understanding of zero trust requirements, while the CFBP is focused on software development, including open source software.
In today's Federal Newscast: Some 6,000 vendors fail to comply with the ban on Chinese telecommunications equipment. A tiny agency has cleared it's backlog of incident reports in time for 2024. And the Marines Corps is looking for a new chief information security officer.
Ask the CIO, Federal News Network’s longest running show, received attention for the unusual agencies or people rather than the usual topics of cloud, cyber and customer experience.
Defense contractors are parsing out a nearly 250-page proposed rule. It landed sort like a lump of coal on Christmas Eve. It is all about a program known as Cybersecurity Maturity Model Certification (CMMC).
U.S. Indo-Pacific Command says it's starting with a clean sheet of paper on the topic of network defense, building a mission partner network that incorporates zero trust from the beginning.
In the rapidly evolving landscape of modern warfare and the escalating dependence on virtual mission collaboration, the demand for a more secure MPE has become exceedingly pressing. The moment to take action has arrived.
The Defense Department ranks high among federal agencies seeking expertise in quantum computing, the next big thing in computing. DoD agencies have established several ways to recruit and hire people with chops in quantum sub-skills. But the Government Accountability Office (GAO) finds, they're not all following the best practices for getting the people they need. For more, the Federal Drive with Tom Temin spoke to Candice Wright, the GAO's Director of Science, Technology Assessment and Analytics .
Experts say the national cyber strategy was the biggest development of 2023, but several other events also made for an interesting year in cyber.
The White House has outlined major initiatives to boost the cyber workforce, with federal agencies leading the charge in adopting "skills-based" hiring.
The much-anticipated rule lays out DoD's plan for the Cybersecurity Maturity Model Certification requirements.
Congress wants spy agencies to hire more experts in financial intelligence, emerging technology.
Wayne LeRiche, the federal civilian field chief technology officer and solutions architect for Palo Alto Networks Federal, said secure access service edge (SASE) sets a framework for agencies to get more easily implement a zero trust architecture.
The Biden administration's executive order on cybersecurity from three years ago alerted the uninitiated to the existence of software bills of material (SBOMs). The idea is, knowing all of the elements that make up a software package can help buyers better understand their cybersecurity holes. But can the SBOM also give hackers the blueprint they need. For analysis, the Federal Drive with Tom Temin talked with Endor Labs adviser and former federal cybersecurity manager Chris Hughes.