CIS controls and automation—Why they are better together

For federal government agencies, it is not only a priority but a mandated requirement that the contractors and vendors they do business with have hardened cybersecurity compliance controls that secure their networks and protect the data and information they house.…

Strengthening federal software supply chains through the power of automation

This article originally appeared on SteelCloud’s official blog. When you mix all the Executive Orders, NIST standards, SBOMs, CUI, and critical software together, your organization will have a more secure supply chain. But it’s all just a mishmash of…

SteelCloud’s Brian Hajost on how federal agencies can effectively secure their software supply chains

As federal government agencies and the military continue to build upon the modernization efforts they’ve made across their workflows and services, it is critical that they carefully consider the cyber risks that each newly acquired application and piece of software…

Quest’s Chris Roberts on the current state of federal zero trust

It has been more than two years since President Biden released his Executive Order (EO) on Improving the Nation’s Cybersecurity. Paramount to this EO was the directive for federal agencies to move towards adopting and implementing zero trust cybersecurity architectures.…

A CMMC 2.0 rule release is around the corner—What DIB and FSI organizations need to know about Level 2

It seems that any day now the U.S. Department of Defense (DoD) will announce its rulemaking on the Cybersecurity Maturity Model Certification (CMMC) 2.0. According to the CMMC policy Director for the Office of the Undersecretary of Defense for Acquisition…

How the NIST Framework sets out to protect federal agencies’ AD environments

February 2021 was a moment in time when federal agencies were knee-deep in modernizing their IT infrastructures to accommodate the digitized new normal of their processes, workflows, and services. But while the federal government was busy digitally transforming their…

Time to get ready for CMMC 2.0

Cybersecurity Maturity Model Certification (CMMC) 2.0 is here. If your company is not prepared, the time to get ready is now, or your company may risk losing business with the Department of Defense (DoD). The CMMC program requires cyber protection…

WVDEP CIO explains how digital transformation enhanced the state agency’s cybersecurity and boosted productivity

When COVID-19 reached American shores, state and local government agencies and educational organizations (SLED) had to abruptly and suddenly find a way to operate in a world with no face-to-face, in-person interaction. This forced many of them to turn to…

What federal government security architects need to know about zero trust

For the federal government, a zero trust architecture assumes that all traffic on an agency’s internal network is potentially malicious. Consequently, it requires taking measures to: authenticate all connections; identify all devices, users, applications, and services; ensure that traffic goes…

The Early Bird Gets the Worm, When It Comes to CMMC and the DIB

This article originally appeared on SteelCloud’s official blog site. The Department of Defense’s CMMC (Cybersecurity Maturity Model Certification) program has undergone multiple changes, revisions, updates, and organizational shifts over the last two and a half years. As a result, DoD…