At its most basic level, under CMMC 2.0, defense contractors and subcontractors that have access to controlled unclassified information (CUI) will be required to demonstrate the “maturity” of their cybersecurity programs against a set of increasingly advanced capabilities.
By Jaspreet GillInsights on digital transformation following successes on B-21 and Sentinel
Customers and employees are experiencing the ‘Butterfly Effect’ of digital transformation from key national security programs.
“In my mind, these are some of these avenues that we’re looking at at an idea phase now to see if we can put resources behind it,” said Robert Vietmeyer, director for cloud and software modernization.
By Jaspreet Gill
“For instance, in the CMMC realm, rather than go out and assess each and every network of our industry partners, I’m kind of keen on establishing some sort of cloud services […]” said David McKeown, DoD deputy chief information officer and senior information security officer
By Jaspreet Gill
“There’s a cost to your IP, there’s a cost to the US government and there’s a benefit to our adversaries if we don’t do something like this,” DoD Chief Information Officer John Sherman said of the Cybersecurity Maturity Model Certification program.
By Jaspreet Gill
That conclusion is part of the National Defense Industrial Association’s third annual Vital Signs 2022 report, which offers an analysis of the US’s defense industrial base.
By Jaspreet Gill
DoD said it will be “increas[ing] oversight of professional and ethical standards of third-party assessors.”
By Brad D. Williams
CMMC 1 is “what you’ve got to have to make sure your neighbor is not in your Netflix,” quipped Stacy Bostjanick, director of CMMC. “It’s very easy, and commensurate with basic cyber hygiene. I recommend that everyone get there, but as a COTS provider, you don’t have to.”
By Kelsey Atherton
A major overhaul is coming in software for missile warning
Space Systems Command’s FORGE program is the first, major missile-warning software modernization effort in 20 years.
“A determined adversary with the right capabilities is going to find their way in, especially if they put all their resources to bear on it,” said Karlton Johnson, the chair of the CMMC Accreditation Body board of directors.
By Kelsey Atherton
Designed to help secure the supply chain, CMMC requires the defense industrial base to protect Controlled Unclassified Information.
By Barry Rosenberg
“This is the start of a new day in the Department of Defense where cybersecurity, as we’ve been saying for years is foundational for acquisitions, we’re putting our money where our mouth is. We mean it,” Katie Arrington says.
By Kelsey Atherton
presented by
Smart tools and emerging technologies can deliver the Next-Gen Interceptor more affordably and faster than any other missile defense system.
By Lockheed Martin
The NSA cannot mandate patching on its own, but the new Cybersecurity Maturity Model Certification (CMMC) allows the Pentagon to penalize companies in its supply chain that fail to adequately protect their networks.
By Kelsey Atherton
Undersecretary Ellen Lord took pains today to emphasize companies would have plenty of time and plenty of help to meet new security standards. Is she going too slow?
By Sydney J. Freedberg Jr.
