Acquisition

Real-world CMMC

FCW asked two contract lawyers what vendors really need to know about the Cybersecurity Maturity Model Certification program.

  • By Lauren C. Williams, FCW
Cybersecurity

DOD releases interim cybersecurity rule

The rule is designed to ensure DOD contractors are adhering to a uniform standard for protecting controlled unclassified information is protected. But while trade groups representing government and defense contractors have lauded the framework but criticized the implementation and rulemaking process.

  • By Lauren C. Williams, FCW
Cybersecurity

How to shift CMMC for the future

While the goal of Cybersecurity Maturity Model Certification is to establish a unified standard for cybersecurity practices across the DOD, it does not directly address specific control expectations or risks associated with organization-specific threat actors.

  • By Jason Crabtree, FCW
Cybersecurity

CMMC clears key regulatory hurdle

The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

  • By Lauren C. Williams, FCW
Acquisition

Shakeup at CMMC board

The independent board charged with implementing the Defense Department's unified cybersecurity standard has new leadership as it announces new milestone hit.

  • By Lauren C. Williams, FCW
Modernization

CMMC reciprocity guidelines are still a work in progress

The Defense Department is hoping to begin rolling its Cybersecurity Maturity Model Certification program later this year, but questions remain about how reciprocity with FedRAMP will be handled.

  • By Lauren C. Williams, FCW
Cybersecurity

4 ways to prepare for Cybersecurity Maturity Model certification

While this compliance may seem challenging, your company can be ready.

  • By Dave Simprini, FCW
Cybersecurity

CMMC training registration opens, but implementation worries persist

The first cadre of DOD cybersecurity assessors is expected to graduate by early August, but concerns loom over Cybersecurity Maturity Model Certification.

  • By Lauren C. Williams, FCW
Cybersecurity

NSA launches pilot program to secure defense contractors

The National Security Agency is testing a secure domain name system model to better secure companies in the defense industrial base, which houses much of the nation's weapons technology.

  • By Lauren C. Williams, FCW
Cybersecurity

Supplier ownership should be considered in assessing supply chain risk

Many vendors lack transparency into their own supply chains. So how can vendors – as well as their government customers — be assured that their sub-tier suppliers do not pose threats or vulnerabilities?

  • By Erik Ekwurzel, FCW
Previous