Sara Friedman

Sara Friedman joined Inside Cybersecurity in February 2020. Previously, she covered government IT for GCN and education technology for THE Journal and Campus Technology. She graduated from Ithaca College with bachelor’s degrees in journalism and politics.

Connections
Archived Articles
Daily News | February 24, 2022

Voluntary assessments under the Pentagon's Cybersecurity Maturity Model Certification program are expected to begin in the second quarter of fiscal year 2022, according to Matthew Travis, CEO of the CMMC Accreditation Body, who outlined details that must be ironed out with the Defense Department before the interim period launch can begin.

Daily News | February 18, 2022

The Defense Department is still considering whether to allow companies to self-attest their compliance with level two of its Cybersecurity Maturity Model Certification program, according to DOD cyber chief David McKeown, who provided additional detail on the Pentagon's plans to address controlled unclassified information at a meeting on Thursday.

Daily News | February 17, 2022

The office of the Defense Department chief information officer has formally established a zero-trust portfolio management office with a focus on developing shared services and providing orchestration for implementations developed by the uniformed services and agencies within the department, according to DOD cyber chief David McKeown.

Daily News | February 16, 2022

The two rulemakings to implement the Defense Department’s Cybersecurity Maturity Model Certification program are a work in progress, according to DOD cyber chief David McKeown, who says the Pentagon is continuing to develop its policies in areas such as incentives and how contractors will be allowed to fill gaps.

Daily News | February 11, 2022

The Defense Department is making changes to version two of its Cybersecurity Maturity Model Certification program following a review of what controlled unclassified information needs to be protected under the second tier of the model, according to DOD Deputy Chief Information Officer for Cybersecurity David McKeown.

Daily News | February 9, 2022

Katie Arrington is leaving the Pentagon after months of uncertainty over her future as chief information security officer for the Defense Department's acquisition arm, during an ongoing investigation into her alleged sharing of classified information outside of DOD.

Daily News | February 4, 2022

The Pentagon's decision to move the Cybersecurity Maturity Model Certification program is part of an effort to align cybersecurity initiatives across the department, according to DOD CIO John Sherman.

Daily News | February 4, 2022

Transitioning the Pentagon's cyber certification program to the Defense Department chief information officer's portfolio could have a positive impact on DOD efforts to engage with industry, according to a major trade association.

Daily News | February 3, 2022

The Cybersecurity Maturity Model Certification program is moving from the Pentagon's acquisition arm to direct oversight by Defense Department Chief Information Officer John Sherman, according to a memorandum obtained by Inside Cybersecurity.

Daily News | January 31, 2022

Defense Department Chief Information Officer John Sherman has issued a memorandum detailing how acquisition officials across DOD should evaluate open-source software for defense contracts.

Daily News | January 27, 2022

The upcoming Cybersecurity Maturity Model Certification assessment process guide includes details on the four phases of assessments, explains procedures and provides a "template inventory," according to the accreditation body behind the Pentagon's CMMC program.

Daily News | January 26, 2022

The White House Office of Management and Budget has released a memorandum outlining the government's strategy for moving agencies to using zero trust, which includes a focus on multifactor authentication and industry cybersecurity standards that go beyond personal identity verification.

Daily News | January 20, 2022

Cybersecurity Maturity Model Certification Accreditation Body board chairman Jeff Dalton says the delay in the public release of the CMMC assessment process guide, known as the CAP, is related to national "security" concerns, a claim that is raising questions among CMMC stakeholders.

Daily News | January 20, 2022

The Defense Department's policy for contractors to provide details on how they will address gaps in their Cybersecurity Maturity Model Certification assessments will include a threshold on requirements that "need to be" taken "seriously," according to DOD's John Ellis, who leads the office responsible for conducting CMMC assessor audits.

Daily News | January 19, 2022

President Biden is extending requirements in a major 2021 cybersecurity executive order to national security systems, in a memorandum signed today.

The Insider | January 19, 2022

MISI, a Maryland-based accelerator focused on cybersecurity, is starting a new program to help small businesses prepare for the latest changes to the Defense Department’s Cybersecurity Maturity Model Certification program.

Daily News | January 11, 2022

With two rulemakings expected at the end of 2022 to formally kick off the Defense Department's Cybersecurity Maturity Model Certification program, contracting attorney Robert Metzger says the development of incentives to encourage military contractors to invest now in CMMC preparation is critical but the process is complicated.

Daily News | December 30, 2021

The Defense Department's plans for its revamped cyber certification program will kick into high gear in 2022, with new guidance for assessments under CMMC 2.0 and updates through rulemaking processes to formally cement changes announced by the Pentagon in November.

Daily News | December 22, 2021

The Defense Department will begin conducting new level two audits in late January for companies seeking to assess defense contractors under DOD's revamped Cybersecurity Maturity Model Certification program, according to the CMMC Accreditation Body.

Daily News | December 21, 2021

The Defense Department is shifting its plans to 2022 for setting up a zero-trust portfolio management office under the oversight of DOD Chief Information Officer John Sherman, according to a Pentagon official.

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.