CyberSecurityBoard
Sponsor Register Login

Pentagon Wants Feedback on Revised Cybersecurity Maturity Model Certification Program

The US Department of Defense this week published a proposed rule and requested public feedback for the Cybersecurity Maturity Model Certification program.
The CMMC program is meant to establish an assessment mechanism to verify that defense contractors and subcontractors have implemented the security measures required to protect federal contract information and controlled unclassified information.
The DoD currently demands that contractors and subcontractors implement the security protections detailed in the National Institute of Standards and Technology Special Publication 800-171 Rev 2.
The newly published rule is a revision of certain aspects of the program, in line with public feedback received after the initial CMMC program was published in September 2020.
According to the DoD, the revision allows the self-assessment of certain requirements, to simplify compliance, sets forth priorities for protecting DoD information, and reinforces cooperation between the department and industry.
The CMMC program requires a cybersecurity assessment at three levels, starting with the basic protection of FCI and going to general protection of CUI at level 2 and higher safeguarding against advanced persistent threats at level 3.
The Pentagon has opened CMMC for public comment for a 60-day period and is also requesting feedback on eight CMMC guidance documents and new information collections.


This Cyber News was published on www.securityweek.com. Publication date: Fri, 29 Dec 2023 13:13:05 +0000


Cyber News related to Pentagon Wants Feedback on Revised Cybersecurity Maturity Model Certification Program

Immature equals insecure: why cybersecurity maturity testing is a must - Cyber maturity is all about ensuring the organisation is prepared for a cyber attack and that can only be determined by establishing where the risks lie and whether the controls that are in place are appropriate and proportionate. The level of cyber ...
3 months ago Cybersecurity-insiders.com
Pentagon Wants Feedback on Revised Cybersecurity Maturity Model Certification Program - The US Department of Defense this week published a proposed rule and requested public feedback for the Cybersecurity Maturity Model Certification program. The CMMC program is meant to establish an assessment mechanism to verify that defense ...
6 months ago Securityweek.com
How to Minimize Friction in the Cyber Compliance Certification - Certification has always been a great way for companies to establish trust with their customers. While there's certainly an argument to be made that certification doesn't necessarily make your company more secure, today's buyers need to know that ...
6 months ago Cybersecuritynews.com
EU Takes a Leap Forward with Cybersecurity Certification Scheme - The EUCC, or EU cybersecurity certification scheme, has an implementing rule that was adopted by the European Commission. The result is consistent with the cybersecurity certification methodology under consideration on EUCC, which was created by ...
4 months ago Cysecurity.news
Fortinet Contributes to World Economic Forum's Strategic Cybersecurity Talent Framework - Shining a light on the cybersecurity workforce challenge, the World Economic Forum recently published its Strategic Cybersecurity Talent Framework, which is intended to serve as a reference for public and private decision-makers concerned by the ...
1 month ago Feeds.fortinet.com
Cisco Gold Partner: A Team Approach to Certification Turns to Gold at Advanced Unibyte - Certifications are an excellent way to achieve self-improvement, greater technical knowledge, and higher career goals. Advanced Unibyte GmbH, based in Metzingen, Germany, has taken the drive for excellence and career growth to new levels with a team ...
2 months ago Feedpress.me
Developing Cybersecurity Awareness Programs for Schools - Schools are increasingly becoming targets for cyberattacks, necessitating the development of robust cybersecurity awareness programs. Ultimately, a comprehensive cybersecurity awareness program is essential for schools to mitigate risks, enhance ...
6 months ago Securityzap.com
Pentagon Received Over 50,000 Vulnerability Reports Since 2016 - The US Department of Defense on Friday announced that it has processed 50,000 reports received as part of its continuous vulnerability disclosure program launched in November 2016. A first in the history of the federal government, the program was ...
3 months ago Securityweek.com
Pentagon Received Over 50,000 Vulnerability Reports Since 2016 - The US Department of Defense on Friday announced that it has processed 50,000 reports received as part of its continuous vulnerability disclosure program launched in November 2016. A first in the history of the federal government, the program was ...
3 months ago Packetstormsecurity.com
Cyber Employment 2024: Sky-High Expectations Fail Businesses & Job Seekers - Well-publicized estimates of a massive shortfall in cybersecurity workers have resulted in high expectations among job seekers in the field, but the reality often falls flat, because of a mismatch between companies' requirements and job seekers' ...
6 months ago Darkreading.com
How to become a cybersecurity architect - Cybersecurity architects implement and maintain a comprehensive cybersecurity framework to protect their company's digital assets. The cybersecurity architect position is a fundamental role that all organizations need, said Lester Nichols, director ...
1 week ago Techtarget.com
Student Cybersecurity Clubs: Fostering Online Safety - Student cybersecurity clubs are playing a crucial role in promoting online safety among students. Student cybersecurity clubs play a vital role in this regard, as they provide a platform for students to learn about the latest threats, share best ...
6 months ago Securityzap.com
REVIEW: ISC2 CERTIFIED CLOUD SECURITY PROFESSIONAL CERTIFICATION - The Certified Cloud Security Professional is a highly respected cybersecurity certification that addresses the needs of professionals and employers for robust and adaptable cloud security expertise. As cyber threats continue to escalate, the demand ...
5 months ago Cybersecurity-insiders.com
Improving Software Quality with the OWASP BOM Maturity Model - With his years of work on the CycloneDX standard, Springett understands the issues holding back SBOM usage-particularly when it comes to standardization, dependency tracking, and verification. Not to mention, he also chaired OWASP's Software ...
4 months ago Securityboulevard.com
ISC2 Collaborates With IBM to Launch Entry-Level Cybersecurity Certificate - PRESS RELEASE. ALEXANDRIA, Va., Feb. 13, 2024 /PRNewswire/ - ISC2 - the world's leading nonprofit member organization for cybersecurity professionals - announced a partnership with IBM to launch the IBM and ISC2 Cybersecurity Specialist Professional ...
4 months ago Darkreading.com
Growing threats outpace cybersecurity workforce - The cybersecurity skills shortage threatens the well-being and even survival of numerous businesses as cybersecurity threats grow more numerous, sophisticated, and dangerous to the point that cybersecurity groups have vowed not to pay ransom demands. ...
5 months ago Legal.thomsonreuters.com
Cybersecurity Curriculum Development Tips - In this article, we will explore essential tips for developing a comprehensive and up-to-date cybersecurity curriculum. By staying abreast of the latest industry trends, educational program developers can ensure that their curriculum remains relevant ...
6 months ago Securityzap.com
Cybersecurity Training for Business Leaders - This article explores the significance of cybersecurity training for business leaders and its crucial role in establishing a secure and resilient business environment. By examining the key components of effective training programs and the ...
5 months ago Securityzap.com
Cybersecurity Curriculum Development Tips for Schools - With the constant threat of cyber attacks, schools must prioritize the development of a robust cybersecurity curriculum to equip students with the necessary skills and knowledge. This article provides valuable insights and tips for schools aiming to ...
6 months ago Securityzap.com
The Importance of Cybersecurity Education in Schools - Cybersecurity education equips students with the knowledge and skills needed to protect themselves and others from cyber threats. Cybersecurity education can teach students about the impact of cyberbullying, how to prevent it, and how to respond ...
6 months ago Securityzap.com
Big China Spy Balloon Moving East Over US, Pentagon Says - The Pentagon said at midday Friday that a Chinese spy balloon had moved eastward and was over the central United States, and that the U.S. rejected China's claims that it was not being used for surveillance. Gen. Pat Ryder, Pentagon press secretary, ...
1 year ago Securityweek.com
Understanding the New SEC Rules for Disclosing Cybersecurity Incidents - The U.S. Securities and Exchange Commission recently announced its new rules for public companies regarding cybersecurity risk management, strategy, governance, and incident exposure. "Currently, many public companies provide cybersecurity disclosure ...
7 months ago Feeds.dzone.com
Digital Learning Tools for Cybersecurity Education - In the field of cybersecurity education, digital learning tools have become indispensable. This article explores various digital learning tools tailored specifically to cybersecurity education. These digital learning tools play a crucial role in ...
6 months ago Securityzap.com
What the cybersecurity workforce can expect in 2024 - For cybersecurity professionals, 2023 was a mixed bag of opportunities and concerns. The good news is that the number of people in cybersecurity jobs has reached its highest number ever: 5.5 million, according to the 2023 ISC2 Global Workforce Study. ...
6 months ago Securityintelligence.com
IBM, ISC2 Offer Free Cybersecurity Certificate - The International Information System Security Certification Consortium and IBM teamed up on February 12 to launch the IBM and ISC2 Cybersecurity Specialist Professional Certificate, which can be earned through a free, four-month, beginner-level ...
4 months ago Techrepublic.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)