DOD not meeting same standards it plans to hold contractors to under CMMC The Pentagon established new requirements under the Cybersecurity Maturity Model Certification (CMMC) 2.0 program to hold contractors to better protecting sensitive defense data. But the Department of Defense itself hasn’t yet proven it can meet those same standards. More
Pentagon updates timeline for CMMC cybersecurity initiative The Department of Defense hopes to begin implementing its Cybersecurity Maturity Model Certification (CMMC) program requirements in contracts in May 2023, as part of an effort to prod hundreds of thousands of defense contractors to better protect their networks and controlled unclassified information. More
Cybersecurity agencies reveal top initial access attack vectors The advisory, jointly released by agencies from the United States, Canada, New Zealand, the Netherlands, and the United Kingdom, includes guidance to mitigate these routinely exploited weak security controls, poor security configurations, and bad practices. More
What the U.S. Military Needs to Learn from the Ukraine War As the brutal fighting continues in the Ukraine War, it seems likely to fundamentally upend the way we wage war in the 21st-century. From new tactics to equipment, the Russian invasion of Ukraine may presage fundamental changes in how war is conducted. What can Western militaries learn from the war thus far? More
Challenges of MICRO Contractors to the Defense Industry Cost Challenges to MICRO Contractors to the Defense Industry Series Post 1, Part 1 What Is a Micro-Contractor? Let’s start with defining what a micro contractor to the defense industry base is. The concept of a micro contractor is NOT related with the concept of a micro transaction, currently defined as any purchase under $10,000 as of Aug 31, 2020. A micro contractor is simply a company under ten employees which has secured a contract from the US government that contains CUI/FCI and other sensitive information. [...]
Have you received a letter from your DoD contract officer or prime contractor asking you to complete your NIST 800-171 Basic Assessment and enter your score into the Supplier Performance Risk System (SPRS)? * Are you concerned about keeping or getting new Defense contract work? * How is Cybersecurity/DoD’s new cybersecurity requirements going to affect your business? As a small manufacturer you may feel that you don’t have the resources or bandwidth to comply with DoD’s new cybersecurity requirements. CPI Systems works directly with Defense Contractors or state-based Manufacturing Extension Partnerships (MEP’s) to help small manufacturers maintain or obtain [...]
Cyber Security (to include critical infrastructure protection, cyber-security, data security, risk assessments) REGISTER NOW for the Partnership for Global Sustainability (PGS) Workshop, Virtual TIM #2 - Co-Chaired by CPISYS.com and brought to you by ITB Inc. in collaboration with Florida Tech in Melbourne, FL PLEASE FORWARD THIS NOTICE to ALL of your contacts that may be interested!! Wednesday, January 28, 2021 10:00am EST Cyber Security (to include critical infrastructure protection, cyber-security, data security, risk assessments) Space systems and their associated infrastructure and ground systems may be vulnerable to multiple types of natural and manmade threats. Critical Infrastructure [...]
Call for Speaker Presentations. Call for Speaker Presentations for the upcoming virtual Cybersecurity session as part of the Partnership for Global Sustainability (PGS) Workshop - Technical Interchange Meeting (TIM) series, held January 27 from 10:00 am - 1:00pm EST. CPI Systems (CMMC RPO) is co-chairing this session with Aerospace Corp, in collaboration with Florida Tech and funding host ITB, Inc. This workshop series was managed by ITB, Inc and funded by NASA from 2003 through 2017. The workshop will likely consist of Intro, Keynote (20 min) and 4-5 technical presentations (20 min + Q/A, and [...]
DEFENSE CONTRACTORS ARE A THREAT TO THE DEPARTMENT OF DEFENSE AND AMERICAN ECONOMY “On March 23, 2020, Under Secretary of Defense for Acquisition and Sustainment, Ms. Ellen Lord, and Mr. Ty Schieber, Chairman of the Cybersecurity Maturity Model Certification Accreditation Board (CMMC-AB), signed a Memorandum of Understanding (MOU) that established the roles, responsibilities, and authorities of each organization to help ensure a cyber-safe, cyber-secure and cyber-resilient defense industrial base. The MOU states that DoD will only accept certifications from an assessor or a CMMC Third Party Assessment Organization (C3PAO) who has been accredited for assessments by the CMMC-AB. [...]
Cyber Hygiene is the Key to CMMC Compliance PreparednessThe challenge is that many contractors don’t have full visibility into their organization’s network and security.By Ralph Kahn, Vice President of Federal Tanium for Nextgov Management Across all sectors, theft of intellectual property and sensitive information due to malicious cybercriminals threatens economic and national security. There are a number of initiatives aimed at simplifying and standardizing IT risk management, all with the same goal: stronger, more streamlined and more consistent cyber risk management to help keep federal systems and data secure. To achieve this, IT decision-makers must first determine what is on [...]
