The Pentagon is setting up a formal structure to guide the next stage of implementing zero trust across the Defense Department, including the creation of a Chief Zero Trust Officer and a DOD ZT Executive Committee.
Sunday, November 16, 2025
Sunday, November 16, 2025
The Pentagon is setting up a formal structure to guide the next stage of implementing zero trust across the Defense Department, including the creation of a Chief Zero Trust Officer and a DOD ZT Executive Committee.
The Senate Armed Services Committee has released the full text of its version of the fiscal year 2026 defense authorization bill, including provisions to require the Pentagon to produce a strategy on protecting defense critical infrastructure and the creation of a public-private partnership to address cyber threats from artificial intelligence.
The House Armed Services Committee has approved in a 55-2 vote its version of the fiscal year 2026 defense authorization bill, with an amendment to attach vulnerability disclosure legislation from House Oversight cyber subcommittee Chair Nancy Mace (R-SC) to the major defense policy bill.
The House Armed Services Committee has added amendments to its version of the fiscal year 2026 defense authorization bill that would require briefings on using "cyber deception technologies" in the context of zero trust and steps to integrate artificial intelligence across the Defense Department.
The Pentagon is asking for stakeholder feedback on plans to modernize the Defense Department's acquisition processes under President Trump's mandate to expedite the adoption of commercial solutions and support small businesses, as work continues to finalize a major cyber certification initiative.
The House version of the fiscal year 2026 defense authorization bill will come under the microscope at a July 15 mark-up session, where lawmakers will consider cyber provisions including a requirement for a Software Bill of Materials for artificial intelligence and an assessment of operational support provided by U.S. Cyber Command.
The Senate Armed Services Committee has approved its version of the fiscal year 2026 defense authorization bill, with provisions to create a cyber framework for procuring artificial intelligence tech at the Defense Department and a new report on small business compliance with the Pentagon's cyber certification program.
In a recent report, the Atlantic Council reviews the current state of the U.S. supply chain compared to China and provides recommendations on shoring up capabilities to participate in effective cyber offensive operations.
The Defense Department has released a request for information to get feedback on making reforms to the Risk Management Framework, the Pentagon's approach to address cyber risk management across its systems.
The Trump administration’s actions to reshape government acquisition efforts in the spirit of creating efficiencies have received positive reviews from industry groups who see an opportunity to improve security through buying commercial solutions.
The Pentagon is providing instructions to contracting officials on tailoring the latest version of the National Institute of Standards and Technology's foundational publication on controlled unclassified information, in a recent memorandum on organization-defined parameters critical to the next iteration of the Cybersecurity Maturity Model Certification program.
Michael Duffey, nominee for under secretary of defense for acquisition and sustainment, weighed in on the future of the Pentagon's Cybersecurity Maturity Model Certification program ahead of his recent Senate Armed Services Committee confirmation hearing.
The Defense Department's plan to finalize the second rulemaking for the Cybersecurity Maturity Model Certification program by mid-2025 is starting to slip as the Pentagon works to meet requirements from President Trump’s Jan. 31 executive order on deregulation.
The Defense Department is providing new details on elements of its Cybersecurity Maturity Model Certification program through presentation slides on alignment with National Institute of Standards and Technology standards and a 2023 memo on equivalency with the General Services Administration’s FedRAMP program.
The Defense Department has announced Katie Arrington will serve as the Pentagon's chief information officer in an acting capacity, elevating a key voice in the Defense Department's Cybersecurity Maturity Model Certification program who joined the Office of the DOD CIO in February.
The National Defense Industrial Association argues implementing the Pentagon’s Cybersecurity Maturity Model Certification program will put a significant cost on companies that could be a barrier to entry for industry partners, as part of an annual report taking the pulse of defense firms.
Katie Arrington's return to the Pentagon shows a renewed interest in getting the Cybersecurity Maturity Model Certification program off the ground, according to contracting attorneys who highlighted the pressure companies are facing with official assessments now underway while a final rule to start the clock for requirements is still pending.
The hiring of Katie Arrington as the new DOD chief information security officer will bring a renewed focus on getting the Pentagon’s Cybersecurity Maturity Model Certification program fully realized, according to stakeholders who highlighted rulemaking efforts in the final stages and the official launch of the initiative.
Katie Arrington is returning to the Pentagon in a new role as chief information security officer at the Defense Department Office of the Chief Information Officer, marking a full-circle moment for the former acquisition official who served as the public face of the Cybersecurity Maturity Model Certification program during President Trump's first term.
A recent memorandum from senior Pentagon officials provides guidance on determining assessment levels and the waivers process under the Defense Department's Cybersecurity Maturity Model Certification program.