Sara Friedman

Sara Friedman joined Inside Cybersecurity in February 2020. Previously, she covered government IT for GCN and education technology for THE Journal and Campus Technology. She graduated from Ithaca College with bachelor’s degrees in journalism and politics.

Connections
Archived Articles
Daily News | April 16, 2021

Defense Department acquisition Chief Information Security Officer Katie Arrington says her office is working to establish reciprocity with other government standards such as the General Services Administration's FedRAMP, in an effort to help companies reach compliance with the Cybersecurity Maturity Model Certification program more quickly while still maintaining necessary security requirements.

Daily News | April 15, 2021

The Defense Department is expected to release contract solicitations with new cyber certification requirements in the coming weeks, but assessment companies are concerned about the impact of limited quality assurance guidance from the Pentagon and its independent accreditation body before the contractor auditing process officially starts.

Daily News | April 7, 2021

The Defense Department has issued two new resources for contracting officials regarding the identification of controlled unclassified information and how it should be identified on government documents.

The Insider | April 6, 2021

The accreditation body behind the Pentagon's Cybersecurity Maturity Model Certification program is creating an Industry Advisory Council composed of private-sector leaders from organizations that will be seeking to get certified to compete for DOD contracts.

The Insider | April 2, 2021

The Defense Information Systems Agency is looking to determine if an upcoming broadband contract should contain Cybersecurity Maturity Model Certification requirements and whether industry has capacity to achieve compliance with the Pentagon cyber program.

Daily News | April 1, 2021

The Pentagon is moving full speed ahead with its plans for the first year of the Cybersecurity Maturity Model Certification program, despite potential obstacles in finding the right first pilot contracts and meeting demand for assessors.

The Insider | March 31, 2021

Former Cybersecurity and Infrastructure Security Agency Deputy Director Matthew Travis will lead the independent accreditation authority behind the Pentagon's Cybersecurity Maturity Model Certification program, according to an announcement from the entity's board of directors.

Daily News | March 26, 2021

The Defense Department expects to release its first contract solicitations containing Cybersecurity Maturity Model Certification requirements in the April-May timeframe, according to a Pentagon spokeswoman. The solicitations will focus on requests for proposals in development from the Army and the Air Force.

Daily News | March 24, 2021

Results from agency-led reports on semiconductor and high-capacity battery supply chains will help the Biden administration identify immediate priorities around reshoring manufacturing capacity and a risk management approach in collaboration with the private sector, according to a senior intelligence official.

Daily News | March 18, 2021

CMMC Accreditation Body chair Karlton Johnson says his organization is prepared to meet the demand for assessments from contractors once the first certified, third-party assessment organizations are approved by the Defense Contract Management Agency.

Daily News | March 15, 2021

Tabletop exercises conducted by the National Defense Industrial Association in coordination with Pentagon cyber certification leaders found areas of improvement are needed to clarify CMMC requirements for industry around operational technology and the marking of controlled unclassified information.

Daily News | March 11, 2021

The Defense Department chief information officer is exploring if changes need to be made to the Pentagon's acquisition rules to take into consideration recent National Institute of Standards and Technology guidance for advanced persistent threats and the protection of high-level assets.

Daily News | March 10, 2021

The Defense Department is working on a new rule to establish a cyber regime focused on advanced persistent threats that is expected to add new regulations around levels four and five of the Pentagon's Cybersecurity Maturity Model Certification program.

Daily News | March 8, 2021

Meeting the standards laid out in the Pentagon's Cybersecurity Maturity Model Certification program is a necessary start to buying down supply chain risk through establishing good cyber hygiene, but cyber experts say CMMC would not necessarily have helped contractors detect or prevent exposure to the SolarWinds attack.

Daily News | February 22, 2021

The Defense Department is working with the General Services Administration's Federal Risk and Authorization Management Program team to develop a "gap analysis" that will compare the cloud services effort with the Pentagon's Cybersecurity Maturity Model Certification initiative, according to DOD's Stacy Bostjanick.

Daily News | February 19, 2021

The Defense Department is expecting to release its first request for proposals containing requirements from its Cybersecurity Maturity Model Certification program in March, according to Pentagon acquisition Chief Information Security Officer Katie Arrington.

Daily News | February 16, 2021

The rollout of the Pentagon's Cybersecurity Maturity Model Certification program is one of several lines of effort at the Defense Department's acquisition office that addresses supply chain risk management, according to Pentagon acquisition leaders who described the multifaceted approach in an exclusive interview.

Daily News | February 11, 2021

The Defense Department's acquisition office and its partners are in the process of adjudicating comments on an interim rule implementing their Cybersecurity Maturity Model Certification program, which Pentagon leaders say will have an impact on the CMMC maturity model and assessment guides.

Daily News | February 8, 2021

The Defense Department has no plans to slow down the rollout of the Cybersecurity Maturity Model Certification program, according to a senior acquisition official, who says there is "bipartisan" support to get the new structure stood up at the Pentagon.

Daily News | February 2, 2021

Plans to separate the CMMC Accreditation Body's authorities to certify and train assessors is a positive sign, according to a leading defense industry association, but the trade group says they will keep a close watch on the rollout of the reorganization.

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.