Cybersecurity Maturity Model Certification

Proposed CMMC rule contains no surprises, but raises some initial questions

The rulemaking is largely what CMMC insiders expected, but it still raises questions, like how the certification program will impact external IT service…

Acquisition Policy

Amelia Brust/Federal News Network

What contractors should do now about DoD’s new cyber security rule

Cybersecurity

DoD outlines four-phase approach to implement CMMC in proposed rule

Defense News

Amelia Brust/Federal News Network

Five things to watch as Pentagon prepares to issue CMMC rule

Acquisition Policy

(AP Photo/Lynne Sladky)

FILE - In this Nov. 20, 2020, file photo a U.S. Department of Homeland Security plaque is displayed a podium as international passengers arrive at Miami international Airport where they are screened by U.S. Customs and Border Protection in Miami. The damned-if-you-pay-damned-if-you-don’t dilemma on ransomware payments has left U.S. officials fumbling about how to respond. While the Biden administration “strongly discourages” paying, it recognizes that failing to pay would be suicidal for some victims. (AP Photo/Lynne Sladky, File)

DHS lays out new ‘cybersecurity readiness’ metrics for contractors

Acquisition Policy

Practical advice for contractors dealing with new cybersecurity rules

Cybersecurity

CIRCIA, CMMC inch closer with rulemaking marathons nearing crucial stage

Cybersecurity

FISMA reform bill moves forward in Senate, while CMMC goes to White House review

Cybersecurity

DoD and industry need relationship counseling

Commentary

NIST updates crucial guidelines for protecting sensitive information

Cybersecurity

Squeaky-clean cyber hygiene: Ready your organization now for FedRAMP and CMMC changes to come

Commentary

Cybersecurity and secure nerwork concept. Data protection, gdrp. Glowing futuristic backround with lock on digital integrated circuit.

Data breach at your agency? Better report it and get it over with

Agency tech staffs must, by law and regulation, report cybersecurity breaches. But some industry surveys show that organizations do not always report breaches,…

Cybersecurity

NIST’s changes to SP 800-171 stress flexibility, harmonization

The National Institute of Standards and Technology’s new draft update to Special Publication 800-171, Revision 3 takes into account a year’s worth…

Cybersecurity

Industry skepticism about a Defense Department cybersecurity policy is only growing

Cybersecurity

Perhaps you have heard of CMMC, the Cybersecurity Maturity Model Certification program. Now in its 2.0 version, it is supposed to lay minimum cybersecurity standards on contractors doing business with the Defense Department.