Cyber

What’s next for CMMC

After the Defense Department revamped cybersecurity standards for contractors, the Cybersecurity Maturity Model Certification program’s accreditation body is making adjustments.

Could faster buying undermine electronic warfare prep?

Some measures that protect weapons systems against electronic vulnerabilities can be “pushed aside” during rapid acquisitions, according to David Tremper, the electronic warfare director for the Defense Department.

CISA draws plans for more secure federal civilian email

The Cybersecurity and Infrastructure Security Agency wants to beef up federal civilian email security with CISA-provisioned threat hunting and incident response efforts, according to a request for information published last week.

Checking in with the Army and Navy principal cyber advisors

Congress established service level principal cyber advisors in the 2020 defense policy bill. FCW sat down with the Army and Navy PCAs to get a sense of what their priorities have been in the past year.

CISA issues enterprise mobile security checklist

The Enterprise Mobility Management system checklist outlines steps for device management, authentication, app and network security as well as defending enterprise systems from mobile devices.

Top cyber lawmaker previews 2022 legislation goals

Rep. Jim Langevin (D-R.I.) is looking to create a statutory framework for threat information sharing and mitigation between a small number of critical infrastructure firms and the federal government.

Federal government is still in the dark on ransomware

Information on the majority of ransomware attacks targeting American companies and civilian agencies remains unreported to the Department of Homeland Security, a top cyber official told lawmakers.

Homeland Security updates cyber workforce system

The Department of Homeland Security’s Cybersecurity Talent Management System updates the agency’s practices around hiring, compensating and developing employees.

FBI wants input on cyber reporting legislation

A top FBI cyber official told lawmakers on Tuesday that the bureau could face significant challenges addressing cyberattacks and ransomware incidents if it was not included in breach disclosure requirements being considered in legislation.

Who's ready to volunteer for the new CMMC?

The Defense Department is looking for contractors to test out its revamped cybersecurity standard to protect unclassified but sensitive data.

Creating a cyber talent pipeline for DOD contractors

Old Dominion University’s School of Cybersecurity is training cyber experts to be fluent in the Defense Department’s cybersecurity requirements so they can help defense contractors stay secure.

CISA directive requires vulnerability fixes in 6 months

A new binding operational directive puts federal civilian agencies on a six-month clock to remediate known vulnerabilities.

DOD revamps controversial CMMC program

After a nine-month review, the Defense Department is replacing its original cyber compliance program for the industrial base with CMMC 2.0, putting more emphasis on self-assessment.

White House pick for DOD CIO eyes tweaks to CMMC

The Biden administration's pick to be the Pentagon's tech chief wants to make it easier for small businesses to adhere to the Defense Department's cybersecurity standards and expand network optimization across the entire enterprise.

The state of CMMC from an assessor perspective

The Cybersecurity Maturity Model Certification program is a step forward for DOD and its contractors to improve the nature and the operation of the DOD supply chain in today’s cybersecurity-focused world.

State Department to get cyber bureau

The secretary of State named cybersecurity and emerging tech as critical areas for capacity building at State, alongside climate, global health and multilateral technology.

New missions could present challenges for DODs cyber workforce

Mieke Eoyang, the deputy assistant secretary of defense for cyber policy said one of DOD's main cyber workforce challenges is being able to set expectations around policymakers' calls to step in and defend against cyberattacks.