Sara Friedman

Sara Friedman joined Inside Cybersecurity in February 2020. Previously, she covered government IT for GCN and education technology for THE Journal and Campus Technology. She graduated from Ithaca College with bachelor’s degrees in journalism and politics.

Connections
Archived Articles
The Insider | January 19, 2022

MISI, a Maryland-based accelerator focused on cybersecurity, is starting a new program to help small businesses prepare for the latest changes to the Defense Department’s Cybersecurity Maturity Model Certification program.

Daily News | January 11, 2022

With two rulemakings expected at the end of 2022 to formally kick off the Defense Department's Cybersecurity Maturity Model Certification program, contracting attorney Robert Metzger says the development of incentives to encourage military contractors to invest now in CMMC preparation is critical but the process is complicated.

Daily News | December 30, 2021

The Defense Department's plans for its revamped cyber certification program will kick into high gear in 2022, with new guidance for assessments under CMMC 2.0 and updates through rulemaking processes to formally cement changes announced by the Pentagon in November.

Daily News | December 22, 2021

The Defense Department will begin conducting new level two audits in late January for companies seeking to assess defense contractors under DOD's revamped Cybersecurity Maturity Model Certification program, according to the CMMC Accreditation Body.

Daily News | December 21, 2021

The Defense Department is shifting its plans to 2022 for setting up a zero-trust portfolio management office under the oversight of DOD Chief Information Officer John Sherman, according to a Pentagon official.

Daily News | December 20, 2021

The Defense Department has released the assessment guide for level two of its Cybersecurity Maturity Model Certification program, making changes to the initial model through the removal of processes as well as 20 controls that go beyond the initial standard developed by NIST.

Daily News | December 15, 2021

The Defense Department has published a revised guide for level one of its Cybersecurity Maturity Model Certification program, detailing practices companies must achieve to reach compliance through conducting a self-assessment of their security measures.

Daily News | December 8, 2021

The Pentagon will make changes to its Cybersecurity Maturity Model Certification program by working with the National Institute of Standards and Technology to revise Special Publication 800-171, according to Defense Department assessment leader John Ellis, who says DOD has plans to propose additional controls from the old CMMC model for inclusion in the next update to the key NIST publication.

Daily News | December 6, 2021

The Defense Department has released long-awaited scoping guidance for its Cybersecurity Maturity Model Certification program that will help defense contractors determine what assets will be included under the assessment process, along with a new overview document describing key changes to the program.

Daily News | December 1, 2021

The Defense Department is working on several pieces of documentation to support the revamp of its Cybersecurity Maturity Model Certification program, including scoping guides for the new levels one and two and an overview document describing the CMMC 2.0 model.

Daily News | November 23, 2021

Cyber certification audits for certified third-party assessment organizations are currently on hold at the Pentagon while the Defense Department works through changes to its Cybersecurity Maturity Model Certification program, according to a DOD official.

Daily News | November 23, 2021

The National Institute of Standards and Technology in 2022 will update its publication guiding agencies and industry on how to secure controlled unclassified information, a key component of the Pentagon's Cybersecurity Maturity Model Certification program, according to lead author Ron Ross.

Daily News | November 18, 2021

The Defense Department is exploring how it can offer incentives to contractors who adopt standards from the Cybersecurity Maturity Model Certification program before the official rollout begins, according to Pentagon official Stacy Bostjanick.

Daily News | November 17, 2021

The Pentagon has formally announced two new rulemakings that will make changes to its Cybersecurity Maturity Model Certification program, including the removal of third-party assessments for level one and starting a plan of action and milestones process.

Daily News | November 16, 2021

The independent accreditation body behind the Pentagon’s cyber certification program is in the early stages of altering its training credential offerings to meet the needs of the Defense Department as DOD shifts toward self assessment for CMMC level one, according to CMMC-AB CEO Matthew Travis.

Daily News | November 11, 2021

The evolution of the Defense Department's Cybersecurity Maturity Model Certification program reflects a response to concerns from the defense industrial base, according to attorneys, who said recent major changes show the Pentagon is taking into account pre-existing mechanisms for contractor compliance with cyber standards and is considering how the program can be implemented effectively.

Daily News | November 10, 2021

Cyber leaders at the Defense Department provided an overview of key changes to their Cybersecurity Maturity Model Certification program, CMMC 2.0, at a "Town Hall" on Tuesday with details on upcoming rulemaking processes and how the effort will allow for more public engagement.

Daily News | November 5, 2021

The Defense Department is making changes to the oversight of its independent accreditation body as part of an update to the Cybersecurity Maturity Model Certification program, dubbed "CMMC 2.0," triggering new negotiations of the current no-cost contract between the two entities.

Daily News | October 19, 2021

An examination of the Pentagon’s cyber certification program is moving into a new phase with the internal review of the initiative complete, according to sources, who say recommendations are currently under consideration by DOD leadership.

Daily News | October 1, 2021

The accreditation body behind the Pentagon's Cybersecurity Maturity Model Certification program has approved the first content created by a third-party partner publisher that will be used to teach assessors as part of the CMMC official assessor training program.

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.