It seems that any day now the U.S. Department of Defense (DoD) will announce its rulemaking on the Cybersecurity Maturity Model Certification (CMMC) 2.0. According to the CMMC policy Director for the Office of the Undersecretary of Defense for Acquisition…
Time to get ready for CMMC 2.0
Cybersecurity Maturity Model Certification (CMMC) 2.0 is here. If your company is not prepared, the time to get ready is now, or your company may risk losing business with the Department of Defense (DoD). The CMMC program requires cyber protection…
What federal government security architects need to know about zero trust
For the federal government, a zero trust architecture assumes that all traffic on an agency’s internal network is potentially malicious. Consequently, it requires taking measures to: Authenticate all connections Identify all devices, users, applications, and services Ensure that traffic goes…
The Early Bird Gets the Worm, When It Comes to CMMC and the DIB
This article originally appeared on SteelCloud’s official blog site. The Department of Defense’s CMMC (Cybersecurity Maturity Model Certification) program has undergone multiple changes, revisions, updates, and organizational shifts over the last two and a half years. As a result, DoD…
How DoD organizations can get a handle on zero trust
As the U.S. Department of Defense (DoD) continues to transition and adopt zero trust cybersecurity frameworks for its IT networks and infrastructure, the Department is also urging all of its disparate agencies and organizations to follow suit. But before DoD…
How the U.S. Department of the Navy is Approaching Zero Trust
This article originally appeared on the DLT Solutions official blog and can be found here. The U.S. Navy and Marine Corps are grappling with the multi-headed hydra that is cybersecurity. At the Department of Navy (DON) IT Conference 2022, the…
Federal Zero Trust: Agencies have questions, Quest and DLT have answers
In the last few years, there has been a dramatic increase in both the number and sophistication levels of cyberattacks against federal agencies. And with a record number of federal employees relying on remote work technologies, agency network perimeters are…
When it comes to security, not all cloud providers are equal
All federal government agencies, including the DoD, have been required to adhere to certain compliance requirements. These requirements are meant to inject consistency and confidence in the security of a cloud provider solution. And security is top of mind for…
The CMMC and continuous monitoring – is it a good idea?
In April of this year, the CMMC advisory board issued an interesting RFP that caught a few off guard and raised a lot of questions among the defense industrial base (DIB). That RFP involved the creation of a continuous monitoring…
CMMC V1.0 – what is it and will it work?
Last week, my associate, Shane Rogers, shared an article on the GovCybersecurityHub discussing the Cybersecurity Maturity Model Certification (CMMC) and its potential impact on small- and medium-sized government contractors. Shane concluded that the Department of Defense (DoD) is taking incredible…
