While zero trust helps agencies secure their networks against outside adversaries, insider risk can still be a major problem, and many data loss prevention strategies leave gaps and do not effectively address insider risk.
New cybersecurity requirements under the Defense Federal Acquisition Regulations and Cybersecurity Maturity Model Certification may be important steps to shoring up the Defense Department’s cyber defenses, but some small businesses claim they’re increasingly placing big business compliance requirements on small businesses.
Dan Carayiannis, the director of public sector at RSA, said the increasing concern about technology products and components, and whether the technology suppliers understand and have transparency into the chain of custody created a wake-up call of sorts for public and private sector organizations.
Eric Trexler, vice president of Global Governments and Critical Infrastructure at Forcepoint, joins host Mark Amtower on this week's Amtower Off Center to discuss how the federal goverment's cybersecurity efforts are being affected by the pandemic.
Jon Etherton, president of Etherton and Associates, joins host Roger Waldron on this week's Off the Shelf to discuss the key policy provisions of the NDAA, and the current implementation of Section 889 and CMMC.
In today's Federal Newscast, the Office of the Director of National Intelligence has extended waivers for agencies requesting more time to excise that gear from their networks.
In today's Federal Newscast: Special Counsel Henry Kerner said the Hatch Act does not apply to Trump and Pence, the Post Office lost $1 billion dollars last month and a missing Fort Hood soldier is found dead.
In the end, CMMC is really just a change of procedure that will result in efficiencies by preventing things upfront that will create better efficiencies downstream.
Federal contractors have known it's coming. The Cybersecurity Maturity Model Certification program imposes on them, basic protective measures if they're dealing with the government and its data.
Let’s examine what CMMC means for the hundreds of thousands of small-medium subcontractors at the entry levels of CMMC -- levels 1, 2, and 3.
Michael Speca, president and Josh O’Sullivan, chief technology officer at Ardalyst, joined host John Gilroy on this week's Federal Tech Talk to talk about CMMC, small business, and the strengths and weaknesses of CMMC on the Microsoft platform.
In this digital age, where nearly everyone and everything is online and connected—and, therefore, perpetually vulnerable—nothing short of maximum diligence to good cybersecurity practices will suffice.
Now, a new whitepaper from Eclypsium models device security on the CMMC levels to help organizations progress from basic cyber hygiene to protecting from advanced persistent threats.
Chase Cunningham, principal analyst serving security and risk professionals at Forrester Research, joins host John Gilroy on this week's Federal Tech Talk for a wide ranging discussion of cybersecurity, CMMC, NIST 800 207, and risk management.