The Cybersecurity and Infrastructure Security Agency is seeking public comment on its Zero Trust Maturity Model, a roadmap designed to help government agencies transition to the zero trust security architecture. CISA said the maturity model includes five pillars based on the foundations of zero trust: visibility, analytics, automation, orchestration and governance. The document provides specific […]
Boston Government Services, a digital solutions provider, has been certified as a third-party assessor organization for the Department of Defense’s Cybersecurity Maturity Model Certification Program. The DOD established CMMC to raise the bar for cybersecurity among defense contractors and address supply chain management issues, BGS said Tuesday. C3PAOs are authorized to conduct compliance assessments for […]
Lawmakers in the House of Representatives have introduced legislation seeking to set a five-year term limit for the director of the Cybersecurity and Infrastructure Security Agency. The Cybersecurity Leadership Act would also affirm that the director is presidentially nominated and Senate-approved, The Hill reported Tuesday. On its website, CISA said it serves as the United […]
Supply chain cyber defense company Celerium has introduced a new online course designed for government contractors and subcontractors that seek to meet the requirements of the Cybersecurity Maturity Model Certification Level 3 assessment. The online course is offered through Celerium’s CMMC Academy, a cybersecurity education program aimed at helping Department of Defense suppliers understand the […]
The Federal Trade Commission wants to permanently ban applications company Support King and its CEO Scott Zuckerman from the surveillance technology business for marketing a product that is being used by stalkers to discreetly monitor their intended victims electronically. In a complaint issued Wednesday, the commission alleged that SpyFone, which Support King purportedly markets as […]
Cybersecurity companies and industry groups asked lawmakers to give organizations at least 72 hours to report cyber breaches to the federal government as opposed to the 24-hour deadline outlined in a Senate bill circulating in Congress. Calls for an extended cyber incident reporting timeline were raised during a hearing of a new cyber notification bill […]
The Government Accountability Office is assessing the cybersecurity impacts of technologies adopted in response to the COVID-19 pandemic. Jennifer Franks, the GAO’s director of IT and cybersecurity, said the agency aims to release a report on the subject by early 2022 but refused to get into the details of the findings so far. Franks noted […]
Security and compliance automation firm Adlumin has introduced a new assessment tool designed for U.S. defense contractors required to comply with the Pentagon’s Cybersecurity Maturity Model Certification program. Through the CMMC assessment tool, users will be able to gauge their progress in achieving the CMMC level that is appropriate for their organization or the level […]
The FBI warned organizations about Hive, the ransomware group identified as the culprit behind the recent cyberattack on Memorial Health System. In a flash alert, the FBI noted that the group’s primary tactics include sending phishing emails to gain access to networks and using Remote Desktop Protocol to initiate network lateral movement. According to the […]
The Cybersecurity and Infrastructure Security Agency and the FBI has advised organizations to remain alert to ransomware during holidays, including the forthcoming Labor Day. CISA said organizations should perform preemptive threat hunting on their networks and other mitigation steps during the days leading up to holidays and weekends. While the agencies do not have cyberthreat […]
