It is now June 2020. The Department of Defense (DoD) initially projected that, this month, it would issue ten pilot Requests for Information (RFIs) as part of its efforts to develop the means for its implementation of the Cybersecurity Maturity Model Certification (CMMC) under DoD contracts. To date we have not seen any of theRead More
Last week we reported on developments in the Department of Defense (DoD) efforts to implement enhanced Defense Industrial Base cybersecurity requirements. Following our report, Katie Arrington, DoD Chief Information Security Officer in the Office of the Undersecretary of Defense for Acquisition and Sustainment, confirmed our thoughts that the DoD’s roll out of Cybersecurity Maturity ModelRead More
The Government continues to take steps to address its Defense Industrial Base supply chain cybersecurity. Below are some of the emerging developments you should be following in this space: Cybersecurity Maturity Model Certification (CMMC) Previously we reported on the Department of Defense’s (DoD’s) activities to roll out a CMMC program. DoD has now rolled outRead More
On Tuesday, March 3, 2020, Stinson partners Susan Warshaw Ebner and Eric Whytsell will be presenting on “Cybersecurity Maturity Model Certification (CMMC): Guarding the Keys to the Kingdom” at a National Defense Industrial Association (NDIA) Rocky Mountain Chapter event in Colorado Springs, Colorado. The presentation will highlight the evolution of and latest information about theRead More
Earlier this month, the National Security Agency (NSA) discovered a serious security flaw in Microsoft Windows 10 cryptographic functionality, CVE-2020-0601.That security flaw could render trust certifications used to authenticate sources in communications and files vulnerable to spoofing or attack. As the NSA Cybersecurity Advisory notes, “[e]xploitation of the vulnerability allows attackers to defeat trusted networkRead More