Defense Department contractors are struggling to meet the standards for protecting sensitive DOD information on their networks, as most companies fail to use key controls like multifactor authentication and incident response tests, according to a new report from cybersecurity auditing firm Sera-Brynn. The report issued last week assessed how defense contractors are implementing a provision in the Defense Federal Acquisition Regulation requiring contractors to protect controlled unclassified information (CUI) on their networks using the 110 controls in the National Institute...
