Rick Weber

Rick has more than 30 years of experience in covering federal policy, and has worked as an editor and reporter in such key policy areas as energy and environment, health care policy, and now cybersecurity and the tech industry. Rick is a founding member of the editorial team at Inside Cybersecurity, reporting on federal cybersecurity policies since their earliest stages, and is a regular contributor to Inside Defense.

Connect with Rick

MORE FROM THIS AUTHOR
Daily News | April 1, 2020

The industry-based accreditation body tasked with implementing the Pentagon's Cybersecurity Maturity Model Certification program is reaching out to the broader contracting community for advice on how to determine whether a company has complied with the new requirements, a move that comes days after the group signed a legally binding agreement with the Defense Department on training and certifying cyber auditors.

Daily News | March 27, 2020

An information technology company's adjustment to its claims about cybersecurity certification under an emerging Pentagon program reflects tensions in the marketplace, as the Defense Department aggressively pushes forward on landmark requirements and businesses strive to keep up in preparing for compliance and new clients.

Daily News | March 25, 2020

The Defense Department has issued revisions to its Cybersecurity Maturity Model Certification program, less than two months after it was released as final, to clarify requirements for encrypted data among other "administrative" changes.

Daily News | March 24, 2020

Defense Department acquisition chief Ellen Lord has signed a legally binding memorandum of understanding with an industry-based accreditation body that will certify the auditors who will validate the cybersecurity practices of contractors, sources say, a move that marks a significant milestone for implementing the landmark program which will eventually affect all 300,000 defense contractors.

The Insider | March 23, 2020

The Defense Department is seeking public comment on extending reporting requirements for contractors under acquisition rules related to the purchasing of information technology services and products, including measures to protect against counterfeit components that could pose cybersecurity risks.

Daily News | March 17, 2020

The White House Office of Management and Budget has approved the National Institute of Standards and Technology's proposed update to data security and privacy standards central to an array of federal cybersecurity efforts, including the Pentagon's emerging certification requirements.

Daily News | March 16, 2020

Defense Department acquisition Chief Information Security Officer Katie Arrington late last week said contractors will have to be certified as cyber secure before being awarded a contract, an assertion that one industry official saw as a slip in schedule from earlier DOD assertions that certifications would have to be completed at the time of bidding.

Daily News | March 9, 2020

The National Institute of Standards and Technology has renumbered proposed revisions for criteria on protecting controlled unclassified information from advanced persistent threats, such as from Russia and China, a move linked to pushing out requirements that were stalled by a White House review and which are central to a Pentagon program for certifying contractors.

Daily News | March 4, 2020

Pentagon acquisition officials are nearing a legally binding agreement with the industry-based accreditation body recently formed to certify auditors who will be expected to assess the cybersecurity of more than a thousand contractors this year.

Daily News | March 3, 2020

The Defense Department was expecting to issue a proposed rule last year on banning contractor use of Huawei and ZTE products, but an interagency review scuttled those plans, a DOD contract official told industry representatives -- who were clamoring for a proposal rule to be issued as quickly as possible -- at a public meeting this week.

Daily News | February 27, 2020

The top Democrat on the Senate Intelligence Committee, Mark Warner (VA), is calling for passage of bipartisan legislation on securing Internet of Things devices in the wake of media reports about a malware attack on a Defense Department system which was discovered and revealed by a third-party researcher.

Daily News | February 26, 2020

A Congressional Research Service report lays out specific questions for lawmakers to consider in developing policies to manage the risks to the Pentagon and military operations from next-generation 5G networks, particularly amid heightened concerns about threats from China.

Daily News | February 21, 2020

The National Institute of Standards and Technology has issued final revisions to its cybersecurity standards for protecting "controlled unclassified information" by defense and other federal contractors.

Daily News | February 21, 2020

The Defense Department's fiscal year 2021 budget request includes nearly $13 million for developing its landmark cybersecurity certification program, with an emphasis on "pathfinders" selected from the defense industrial base to guide requirements and services for countering cyber threats.

The Insider | February 19, 2020

A federal judge in Texas has rejected China-based tech giant Huawei's challenge to a ban on government purchases of its products based on national security concerns, upholding the authority of Congress to establish the ban through the Fiscal Year 2019 National Defense Authorization Act.

Daily News | February 19, 2020

A leading industry lawyer on federal contracts is advising companies to move forward with cybersecurity audits and to adopt the use of draft standards as the Pentagon completes working on setting up its landmark certification program unveiled last month.

Daily News | February 14, 2020

The information technology industry is raising serious concerns about the unintended consequences of a federal ban on purchasing products from tech giant Huawei and other China-based companies, arguing regulatory language affecting defense and civilian agency contractors should be narrowed to limit its impact.

Daily News | February 12, 2020

The Defense Department's cybersecurity certification program hinges to large extent on the establishment of an accreditation body that will certify an army of third-party assessors, with the group's recently installed board chairman saying funding and language for a binding agreement with the Pentagon on roles and responsibilities are still in the works.

Daily News | February 12, 2020

The Defense Department has announced plans for a meeting next month with industry officials to examine potential problems to a sweeping ban on the use of China-based Huawei and ZTE products by federal contractors, a move that marks a major milestone in broader federal efforts to counter cyber threats from Beijing.

Daily News | February 6, 2020

Pentagon acquisition officials say a sweeping cybersecurity certification program issued last week will take six years to fully implement, a phased-in schedule that defense industry officials say is the result of pressure by the contracting community about mitigating costs.

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.