Sara Friedman

Sara Friedman joined Inside Cybersecurity in February 2020. Previously, she covered government IT for GCN and education technology for THE Journal and Campus Technology. She graduated from Ithaca College with bachelor’s degrees in journalism and politics.

Connections
Archived Articles
Daily News | December 28, 2023

Two trade associations representing companies in the defense industrial base are raising concerns over the potential for burdensome regulation following the introduction of a massive Defense Department proposed rule to implement the major revamp of the Cybersecurity Maturity Model Certification program.

Daily News | December 22, 2023

The Defense Department has released a highly anticipated proposed rule to implement its Cybersecurity Maturity Model Certification program with details on the assessment ecosystem, key elements and the use of a plan of action and milestones.

Daily News | December 20, 2023

The National Security Agency has released its 2023 year-in-review report for cybersecurity, providing a rundown of efforts at NSA's Cybersecurity Collaboration Center and work with partners to address threat actors from the People's Republic of China and other nations.

Daily News | December 11, 2023

Mark Montgomery of the Foundation for Defense of Democracies struck a positive tone on the House-Senate compromise version of the fiscal year 2024 defense authorization bill, while noting that some cyber provisions didn’t make the final cut.

Daily News | December 8, 2023

The Defense Department will hold a public meeting on its Cybersecurity Maturity Model Certification program after the proposed rule implementing the initiative is published in the Federal Register, according to the latest unified agenda and regulatory plan.

Daily News | December 7, 2023

Lawmakers have reached an agreement on the fiscal year 2024 defense authorization bill that includes provisions on modernizing cyber red teams, evaluating the creation of a U.S. Cyber Force and creating a fund at the State Department for capacity building.

Daily News | December 6, 2023

A new report from the Defense Department inspector general details common cybersecurity "weaknesses" on federal contractor networks that are handling controlled unclassified information for military services and agencies.

Daily News | December 1, 2023

The Defense Department's work to prepare the proposed rule for its Cybersecurity Maturity Model Certification program is nearing completion, according to a Pentagon spokesperson, with publication in the Federal Register expected as soon as next week.

Daily News | November 30, 2023

The number of certified assessors for the Pentagon's Cybersecurity Maturity Model Certification program experienced triple-digit growth in 2023 from the prior year, as the formal launch of the Defense Department initiative comes closer to fruition.

Daily News | November 22, 2023

The Pentagon's rulemaking to implement its Cybersecurity Maturity Model Certification program has completed the Office of Information and Regulatory Affairs review process, a major milestone that indicates the new regulation should show up in the Federal Register soon.

Daily News | November 21, 2023

The Pentagon will use a methodology developed by the Defense Contract Management Agency's Defense Industrial Base Cyber Assessment Center for National Institute of Standards and Technology Special Publications 800-171 assessments moving forward, according to a final rule formalizing an arrangement that is seen as a placeholder for the upcoming rollout of the Cybersecurity Maturity Model Certification program.

Daily News | November 21, 2023

Stakeholders are getting ready for the upcoming release of a long-awaited rulemaking to implement the Pentagon's Cybersecurity Maturity Model Certification program, while the exact timing and content of the rule remains unclear two years after the Defense Department announced a major revamp.

Daily News | November 7, 2023

Industry groups representing the defense industrial base are highlighting inconsistencies across the federal government over regulations addressing the handling of controlled unclassified information and potential impacts from the Pentagon's Cybersecurity Maturity Model Certification program, in filings to the Office of the National Cyber Director.

Daily News | November 6, 2023

Stakeholders from large defense prime contractors at an industry event last week emphasized the need for their suppliers to reach compliance with requirements under the Pentagon's Cybersecurity Maturity Model Certification program, while also highlighting how they are working together to provide resources.

Daily News | October 12, 2023

The selection of a free "benefit" tool for consulting organizations who pay to be part of the accreditation body ecosystem for the Pentagon's Cybersecurity Maturity Model Certification program is raising concerns from two stakeholders on the decision-making process and potential conflicts of interest.

Daily News | September 18, 2023

The White House Office of Management and Budget's Office of Information and Regulatory Affairs is meeting with stakeholders in the Pentagon's Cybersecurity Maturity Model Certification program, as the interagency process gets underway to review a proposed rule that will implement major changes to the Defense Department initiative.

Daily News | September 8, 2023

The Pentagon Office of Small Business Programs will launch a pilot with 25 to 50 companies to explore how to help smaller organizations comply with National Institute of Standards and Technology Special Publication 800-171 using a cloud environment provided by the Defense Department, according to Cybersecurity Maturity Model Certification leader Stacy Bostjanick.

Daily News | August 29, 2023

The Canadian government is launching a cyber certification program for contractors who want to do business with the country's Department of National Defence that will be aligned with the Pentagon's Cybersecurity Maturity Model Certification program.

Daily News | August 17, 2023

The National Institute of Standards and Technology will reduce the number of "organizational-defined parameters" in the next draft update to its foundational guide on the handling of controlled unclassified information on nonfederal systems, in response to stakeholder feedback.

Daily News | August 4, 2023

The Pentagon has outlined its expectations for the Cybersecurity Maturity Model Certification assessment process in a recent filing to the White House Office of Management and Budget's Office of Information and Regulatory Affairs that provides details on estimated costs for compliance for small business entities and other companies in the defense industrial base.

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.