A task force of DHS’s Cybersecurity and Infrastructure Security Agency plans to release supply chain guidance that incorporates aspects of DOD’s Cybersecurity Maturity Model Certification program. Robert Kolasky, director of CISA’s National Risk Management Center, says they are collaborating with the CMMC program, “to make sure that we suck in the way that questions are being asked of the defense industrial base and translate that into other markets in a similar way.” Unlike CMMC, CISA’s “supply chain essentials” guidance will be voluntary for federal agencies and private sector entities within the 16 critical infrastructure sectors that CISA is tasked to oversee.
Cybersecurity, Privacy, & AI
Trending Now
CMMC Compliance as a Service: A New Model for DOW Contractors • GSA Announces a Fresh Cohort of Presidential Innovation Fellows • Supreme Court Justices Skeptically Question Both Sides in Geofence Surveillance Case • Pentagon Workers Vibe-Code 100,000 AI ‘Agents’ to Use on Unclassified Networks • CISA, UK NCSC Warn of China-Linked Covert Cyber Networks in New Advisory
CISA’s Coming Supply Chain Guidance to Align with Pentagon’s Vendor Certification Program
Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.