All Posts

What is Nist

NIST Compliance? If your organization often works with the US government, involved in various businesses, you’ll surely understand the importance of compliance. Also, you must already be aware that sensitive information shared with the organization outside the government, is put through the highest security standards. The National Institute of Standards and Technology (NIST) is a non-statutory federal agency that establishes…

Read more

CMMC

Cybersecurity Maturity Model Certification DoD (Department of Defense) planned to move to a new framework to gauge and enhance the cybersecurity stance of the DIB (Defense Industrial Base). The CMMC has been created with the intention to serve as a verification mechanism. It helps ensure appropriate levels of cybersecurity practices and processes are in order. This is done to set…

Read more

Industry on pins and needles as DoD, accreditation body to finalize CMMC agreement

The Defense Department is one small step away from officially getting the Cybersecurity Maturity Model Certification off the starting blocks. Ellen Lord, the undersecretary of Defense for Acquisition and Sustainment, is ready to sign off on the memorandum of understanding with the CMMC accreditation body that would jumpstart the training of third-party assessment organizations. Katie Arrington, the chief information security officer for…

Read more

Officials worry Iran will target defense contractors with cyberattacks

The Department of Defense remains on alert for retaliation in cyberspace for a U.S. attack that killed a top Iranian general. But security experts and federal officials warn that Iran could target the military another way — through potentially vulnerable defense contractors. Weak cybersecurity practices in the complex DOD supply chain could make those companies attractive targets if Iran wanted to strike…

Read more

Navigating Risky Waters Of DOD Cybersecurity Certification

Law360 (February 6, 2020, 5:13 PM EST) — On Jan. 30, the U. S. Department of Defense released version 1. 0 of the Cybersecurity Maturity Model Certification, or CMMC, framework, which will require DOD contractors and subcontractors to obtain third-party certification of their cybersecurity maturity. [1]This highly anticipated 390-page release supersedes the prior draft versions, the last of which was…

Read more

DOD to Require Cybersecurity Certification in Some Contract Bids

By the end of September, the Defense Department will require at least some companies bidding on defense contracts to certify that they meet at least a basic level of cybersecurity standards when responding to a request for proposals. DOD released its new Cybersecurity Maturity Model Certification today, billed by the undersecretary of defense for acquisition and sustainment as “Version 1.0.”…

Read more

DoD to debut new cyber assessment program for contractors in less than a year

The Defense Department has an ambitious schedule for a serious overhaul of the way it monitors and enforces cybersecurity within its industrial base. If all goes as planned, vendors could start to see the new model showing up in formal solicitation documents in less than a year from now. The Cybersecurity Maturity Model Certification (CMMC), in development since March, is the department’s…

Read more