DoD Adds Scrutiny to Contractor Cybersecurity Programs

DoD Adds Scrutiny to Contractor Cybersecurity Programs

Background Over the past few years, the US federal government has been gradually trying to improve its cybersecurity program, and has been encouraging contractors to do the same. The US Department of Defense led the way in these efforts, including through a variety of initiatives like DFARS 252.204-7012 and the Cybersecurity Maturity Model Certification (“CMMC”) program. The CMMC program…

75/25 – We Need You

75/25 – We Need You

Regan Edens’ LinkedIn post is nothing short of a CMMC national call to action. To bottom line it, there are two facts. According to John Ellis at DIBCAC there have been just shy of 20,000 SPRS scores submitted out of a pool, we are told, of 80,000. Best government estimates are that the interim rule changes…

Contractors not as Suppliers – but as Leaders

Contractors not as Suppliers – but as Leaders

I have to admit that I don’t always read things like the Executive Orders. As a regular citizen, I have always presumed they are filled with political platitudes rather than actionable direction. However, in discussing the Executive Order on Improving the Nation’s Cybersecurity with Jim Goepel, my colleague and founder of the CMMC Information Institute,…

Let’s Go DoD, There is Still Time to Fix CMMC.

Let’s Go DoD, There is Still Time to Fix CMMC.

Thank you, DoD, for showing us that you listen. In 2019 you listened and quickly created CMMC from the ether to answer a monumental need to secure our country’s supply chain. You showed you were listening again last week when you changed CMMC to address the concerns from contractors who felt CMMC 1.x was overly…

Establishing a Communication Framework

Establishing a Communication Framework

Cybersecurity. That word strikes fear in the heart of most business owners and senior managers. Why? Because every time they have a conversation with their technical team, the team throws in some new jargon: What yesterday was called SIM quickly became SIEM, and then, without them even realizing it, it is about to become SOAR….

FutureFeed CMMC 2.0 Upgrade

FutureFeed CMMC 2.0 Upgrade

The FutureFeed 2.0 upgrade to align with CMMC 2.0.Details regarding CMMC 2.0, announced on 04 NOV 2021 are available here: OUSD A&S – Cybersecurity Maturity Model Certification (CMMC) (osd.mil).The site is robust and easily consumed. It is a FutureFeed recommended read. FutureFeed Change Listing: FutureFeed is committed to a rapid upgrade cadence when underlying standards change….

End of content

End of content