Sara Friedman

Sara Friedman joined Inside Cybersecurity in February 2020. Previously, she covered government IT for GCN and education technology for THE Journal and Campus Technology. She graduated from Ithaca College with bachelor’s degrees in journalism and politics.

Archived Articles
Daily News | July 2, 2021

The accreditation body behind the Pentagon's Cybersecurity Maturity Model Certification program is moving quickly to get the first assessment organizations prepared to conduct audits, according to CMMC-AB CEO Matthew Travis, who says he understands industry concerns over delays and how to scale the program under the initial timeline set by the Defense Department.

Daily News | June 29, 2021

Microsoft is working to provide documentation for its managed security service provider partners and cloud users who want to get ready for assessment under the Pentagon's Cybersecurity Maturity Model Certification program, according to a company executive.

Daily News | June 23, 2021

The internal review of the Defense Department's Cybersecurity Maturity Model Certification program is aimed at helping small businesses meet the department's objectives for cyber readiness, while also making potential policy changes to clarify implementation, according to Pentagon industrial policy leader Jesse Salazar.

Daily News | June 17, 2021

Cybersecurity Maturity Model Certification Accreditation Body board Chairman Karlton Johnson says his organization is not slowing down its activities in support of the Defense Department's cyber certification program, and denied reports that the CMMC-AB is taking a "strategic pause" during ongoing governmental reviews of the program.

The Insider | June 17, 2021

The Defense Department expects to issue the final rule to implement its Cybersecurity Maturity Model Certification program in September, according to a recent update from the Office of Management and Budget.

Daily News | June 10, 2021

The first authorized, certified third-party assessment organization has entered the marketplace to conduct official audits for defense contractors who want to become certified under the Pentagon's Cybersecurity Maturity Model Certification program.

Daily News | June 10, 2021

The independent accreditation body behind the Defense Department's Cybersecurity Maturity Model Certification program is looking for an individual to serve as "Director of Security and Compliance," a new position created to liaise with the Pentagon on security matters and the latest move by the accreditation authority to transition to a full-time professional staff.

The Insider | June 2, 2021

The Intelligence and National Security Alliance says a proposed Defense Department cyber threat hunting program should include liability protections for defense industrial base companies and support to help small businesses participate.

Daily News | May 24, 2021

Final regulations for the Pentagon's cyber certification program are expected in the fall with potentially substantial policy and structural changes, says contracting attorney Robert Metzger, who suggests adjustments to the interim final rule make sense given the intense scrutiny on the program and leadership changes at DOD.

The Insider | May 21, 2021

The National Security Agency is taking up its mandate to establish capabilities for robust information sharing between industry and government as part of the Biden executive order designed to bolster the security of federal networks and strengthen relationships with industry.

Daily News | May 20, 2021

The General Services Administration will allow civilian federal agencies to decide whether to include requirements from the Pentagon's cyber certification program in individual contracts that utilize GSA offerings for facilitating their information technology purchases.

Daily News | May 19, 2021

The Pentagon's Cybersecurity Maturity Model Certification program needs to do more to help small businesses reach compliance, senators said Tuesday at a hearing on cybersecurity in the defense industrial base.

Daily News | May 13, 2021

The Biden administration has released an executive order in response to recent supply chain attacks with an immediate focus on securing federal networks through prevention and mitigation measures and incentivizing the commercial software market to improve its security practices.

Daily News | May 12, 2021

Training committee chair Ben Tchoubineh this week departs the accreditation body responsible for establishing an assessment ecosystem for the Pentagon's cyber certification program, and says he's leaving behind a solid foundation for the training of assessors and the preparation of future instructors.

Daily News | April 30, 2021

Matthew Travis, CEO of the accreditation body for assessors under the Defense Department's Cybersecurity Maturity Model Certification program, says he plans to review the organization's code of ethics policy over the next few months and make changes to increase transparency over decision-making.

Daily News | April 30, 2021

The Defense Department's decision to push back the timing of its first pilot contracts with Cybersecurity Maturity Model Certification requirements is creating concerns over the feasibility of meeting deadlines established for the current fiscal year, according to stakeholders.

Daily News | April 28, 2021

The Pentagon is making changes to its rollout schedule for the Cybersecurity Maturity Model Certification program, due to issues with getting assessment organizations that will conduct audits for contractors fully credentialed by the Defense Department, according to a DOD official overseeing the pilots.

The Insider | April 28, 2021

The National Institute of Standards and Technology has released a draft publication designed to help organizations prepare and conduct assessments on their ability to secure controlled unclassified information for high-value assets maintained in non-governmental systems.

Daily News | April 26, 2021

The Defense Contract Management Agency has briefed assessment organizations that want to conduct audits for contractors looking to obtain a Cybersecurity Maturity Model Certification on preparing for and going through the process to get their own certification.

The Insider | April 23, 2021

Two researchers from Carnegie Mellon University who worked with Pentagon officials to develop the Cybersecurity Maturity Model Certification program will be teaching a five-hour course on the landmark effort at a National Defense Industrial Association training event on May 6.

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.