Saturday, October 16, 2021

Subscribers Only

Free

Final Changes to CMMC Coming “Very Soon”

The Defense Department says it will finalize and announce changes to its Cybersecurity Maturity Model Certification program “very soon,” as the department tries to strike a balance between its security goals and the costs and uncertainties the model will impose on contractors. Deputy Defense Secretary Kathleen Hicks launched a review of the CMMC earlier this […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Industry Groups Losing Patience with GSA, DoD

Industry associations say their members are losing patience with the government due to the slow pace of information sharing about GSA’s OASIS contract and DoD’s Cybersecurity Maturity Model Certification program. Late last week, the IT Industry Council, the Professional Services Council and the National Defense Industrial Association wrote to DoD to share their members concerns […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Government Contractors Ask DoD for More Engagement to Help Comply with CMMC

Three government contractor groups – the National Defense Industry Association, the Professional Services Council, and Information Technology Industry Council – have written to Deputy...

DoD Working on New Cyber Rules for Low-Earth-Orbit Comsat Constellations

The U.S. Space Force is working to wrap up a new cybersecurity certification process for commercial communications constellations in Low Earth Orbit, which have greater management requirements than more sparsely deployed traditional comsats in higher, geostationary orbits. The service’s Commercial Satellite Communications Office will update its 2019 Infrastructure Asset Pre-Assessment (IA-Pre) program with new cybersecurity […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Defense Stands Up Supply Chain Resiliency Working Group

The Defense Department has created a new Supply Chain Resiliency Working Group, dedicated to addressing challenges with its supply chain visibility and resiliency, including...

Private Health Information of Well-Known Defense Department Personnel is Accessible to Other DoD Personnel

The Defense Department Office of Inspector General performed an audit to determine whether the department effectively controlled access to health information of well-known DoD personnel. Using a sample of 38 individuals who had become well-known to the public, GAO determined that DoD “did not effectively control access to health information of well‑known DoD personnel and […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

The CMMC is Here to Stay, But Has Room for Improvement

In an opinion piece for Federal News Network, Eric Crusius of Holland & Knight and Ed Bassett of NeoSystems welcome the DoD’s ongoing review of the Cybersecurity Maturity Model Certification program, because there are several areas they believe need improvement. Their observations and recommendations include: The cost of obtaining a CMMC certification can be especially […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Don’t Fixate on CMMC Maturity Level: Start With Foundational Best Practices

There’s a lot of buzz about the Cybersecurity Maturity Model Certification regulations introduced by the Department of Defense. Rightfully so – it’s a BIG deal. However, contractors would be better served spending more energy on starting to take action vs. trying to determine when the program will become effective or apply to their specific organization […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

CMMC-AB CEO Identifies Remaining Hurdles for C3PAOs to Start

During an event sponsored by Washington Technology, CMMC Accreditation Body CEO Matt Travis says that CMMC assessors can begin their work once some training...

Army Now Successfully Downloading Software Updates Instead of Mailing CDs

A new software repository is helping the Army more rapidly deploy patches and other updates to units, and to identify which have downloaded them. This is a big improvement over its previous method of mailing CDs containing software updates. For example, following the SolarWinds breach, most units had the company’s patch within a day. The […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.