Thursday, May 15, 2025
Key Issues Army UAS focus Project Convergence FTUAS cancellation
The programmatic rule to formally launch the Pentagon's Cybersecurity Maturity Model Certification program is "imminent," according to Defense Department cyber chief David McKeown, who provided a rundown of where things stand with the rulemaking process and opportunities to help contractors reach compliance.
A recent study from security firm CyberSheath finds only 4% of defense contractors are fully prepared to meet upcoming security requirements under the Pentagon's Cybersecurity Maturity Model Certification program, based on a survey of defense industrial base stakeholders.
A final rule to implement the Pentagon's Cybersecurity Maturity Certification program has cleared the interagency regulatory review process, setting up publication in the Federal Register within the 60 days needed during the current legislative term to meet the Congressional Review Act requirements.
Deputy National Security Adviser for Cybersecurity Anne Neuberger highlighted the benefits of artificial intelligence when it comes to cybersecurity at the Billington Cybersecurity Summit and offered a sneak peek into a potential cyber executive order that will incorporate lessons learned.
The Justice Department has announced the disruption of two covert foreign malign influence campaigns backed by the Russian government and targeted at impacting the 2024 election and spreading propaganda in support of the Russian invasion of Ukraine.
Lawyers from two major law firms are flagging key aspects of the Pentagon's latest proposed rule to implement its Cybersecurity Maturity Model Certification program, with a focus on new requirements and other considerations for contractors.
The Defense Department's proposed rule for acquisition purposes proposes alternative approaches to implement its Cybersecurity Maturity Model Certification program, while explaining why the Pentagon is moving forward with its preferred option.
The Professional Services Council wants the Defense Department to focus on making its upcoming Cybersecurity Maturity Model Certification program "executable" for government contractors and the Pentagon, according to PSC president and CEO David Berteau, as the major initiative reaches a new milestone with the publication of a second rulemaking focused on acquisition.
Stakeholders in the defense industrial base are gaining more clarity into the Defense Department's upcoming acquisition requirements for the Cybersecurity Maturity Model Certification program in a proposed rule published today in the Federal Register.
The Defense Department has issued a long-awaited proposed rule to establish acquisition requirements for version 2.0 of the Pentagon's Cybersecurity Maturity Model Certification program, with details on the implementation timeline and supply chain flow-down to subcontractors.
The second rulemaking to implement version 2.0 of the Pentagon's Cybersecurity Maturity Model Certification program has cleared the interagency regulatory review process at the Office of Management and Budget, setting up the potential for the closely watched initiative to be put into place by the end of the year.
The National Defense Industrial Association is concerned over the Defense Department's ability to have enough capacity for the demand in assessments once the Cybersecurity Maturity Model Certification program gets up and running following the conclusion of the rulemaking process.
The Cybersecurity and Infrastructure Security Agency should consider current reporting requirements for defense contractors as it continues work to implement a mandatory incident reporting regime that goes across critical infrastructure sectors, according to defense groups who filed comments on CISA's upcoming regulation.
The Defense Department plans to finalize in November its first final rule for the Cybersecurity Maturity Model Certification program amending Title 32 of the Code of Federal Regulations, according to the latest unified agenda and regulatory plan.
The Senate Armed Services Committee outlined its concerns over the implementation of the Pentagon's Cybersecurity Maturity Model Certification program and the upcoming launch of version 2.0 in the report accompanying its version of the fiscal year 2025 defense authorization bill.
The technology sector raises several questions in its submission to the Cybersecurity and Infrastructure Security Agency on what constitutes a need for incident reporting under the upcoming mandatory regime, including how to address product security and potential reporting on vulnerabilities.
The Defense Department has submitted the first final rule to implement its Cybersecurity Maturity Model Certification program to the White House Office of Management and Budget's Office of Information and Regulatory Affairs, marking a significant milestone in getting the necessary regulatory steps in order to officially launch the Pentagon initiative.
The Commerce Department is using its review authority over foreign transactions in the information and communications technology and services sector to ban Kaspersky software from use in the United States, utilizing a controversial Trump-era rulemaking also leveraged under the Biden administration to address national security risks.
Longtime National Security Agency official Kristina Walter is returning to her cyber roots, becoming chief of the intelligence agency's Cybersecurity Collaboration Center after a stint in charge of a federal initiative on workforce development.
The House Armed Services Committee added amendments to the fiscal year 2025 defense authorization bill in a mark-up session requiring federal contractors to have a vulnerability disclosure policy and ordering studies from the Pentagon on critical infrastructure threats.