Acquisition
Is it time to test the limits -- and potential -- of expanding CMMC?
Calls for a certified baseline of cybersecurity seem to increase with every cyberattack. Is the CMMC model the right template for a universal and independently verifiable way to protect supply chains?
Cybersecurity
CMMC board adds new training head, board members
Melanie Kyle Gingrich will take over training daily operations for the Cybersecurity Maturity Model Certification Accreditation Body as the vice president of training and development.
Cybersecurity
CMMC announces new advisory council to collect industry feedback
The new organization will eventually produce regular public reports and address common industry concerns like the cost of implementation.
Cybersecurity
Space Force satellite communications contract gets nod for CMMC
A request for information for the Inmarsat Broadband Global Area Network and Global Xpress contract was amended March 31 to include requirements for the CMMC pilot program.
Cybersecurity
Mandatory review of DOD's compliance on CMMC is delayed
The Defense Department was supposed to submit a review to Congress by March 1 assessing whether components complied with the guidelines of the Cybersecurity Maturity Model Certification program. That deadline has been pushed to June.
Cybersecurity
First set of CMMC certification orgs emerge
The Defense Department's unified cybersecurity program is making gains with its first tranche of certifying bodies, but assessments for defense contractors are a ways off.
Cybersecurity
CMMC board preps for staff changes
The body in charge of standing up and running the Defense Department’s unified cybersecurity standard is shifting its staffing arrangement.
Cybersecurity
CMMC board's training lead resigns
Ben Tchoubineh, the CMMC accreditation body's chair for training and CMMC board member Nicole Dean, the chief information security officer for Accenture, have voluntarily resigned, FCW has learned.
Acquisition
GSA preps guidance for using CMMC in civilian contracts
The General Services Administration wants to get ahead on training and education materials contracting officers will need as Cybersecurity Maturity Model Certification requirements become standard.
Cybersecurity
CMMC reciprocity in sight for 2021
The Defense Department is still figuring out how to give contractors reciprocity with the Cybersecurity Maturity Model Certification program and similar certifications, but the end is close, officials say.
Cybersecurity
Final rule, formal training orgs on CMMC could hit this summer
A final rule on the Defense Department's unified cybersecurity standard could debut as soon as this summer but implementation hinges on standing up a formal training system.
Acquisition
CMMC countdown is on but are there enough assessors to do the job?
Katie Arrington, DOD's CISO for acquisition, said having enough assessors to do in-person audits of defense contractors is her biggest concern.
Cybersecurity
Civilian-side CMMC
The General Services Administration will add more supply chain and cybersecurity protection language, including DOD's CMMC requirements for vendors, to its new contracts as risks grow, according to one of the agency's top acquisition managers.
Acquisition
NSA warns contractors on China hacks
The National Security Agency released details on 25 existing vulnerabilities that Chinese state-sponsored threat groups are using to try to penetrate defense industrial base networks.
Acquisition
Real-world CMMC
FCW asked two contract lawyers what vendors really need to know about the Cybersecurity Maturity Model Certification program.
Cybersecurity
DOD releases interim cybersecurity rule
The rule is designed to ensure DOD contractors are adhering to a uniform standard for protecting controlled unclassified information is protected. But while trade groups representing government and defense contractors have lauded the framework but criticized the implementation and rulemaking process.
Cybersecurity
How to shift CMMC for the future
While the goal of Cybersecurity Maturity Model Certification is to establish a unified standard for cybersecurity practices across the DOD, it does not directly address specific control expectations or risks associated with organization-specific threat actors.
Cybersecurity
CMMC clears key regulatory hurdle
The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.
Acquisition
Shakeup at CMMC board
The independent board charged with implementing the Defense Department's unified cybersecurity standard has new leadership as it announces new milestone hit.
Modernization
CMMC reciprocity guidelines are still a work in progress
The Defense Department is hoping to begin rolling its Cybersecurity Maturity Model Certification program later this year, but questions remain about how reciprocity with FedRAMP will be handled.
Almost There!
Help us tailor content specifically for you: