DeFi Strengthens Security, Reducing Crypto Thefts by 25% While Total Hacks Exceed $2 Billion in 2024
Cyber Security
Zaker Adham
02 October 2024
20 August 2024
|
Zaker Adham
Summary
Summary
The U.S. Department of Defense (DoD) has introduced a proposal to amend the Defense Federal Acquisition Regulation Supplement (DFARS) by incorporating the Cybersecurity Maturity Model Certification (CMMC) 2.0 program into contractual requirements.
This proposal is part of an ongoing effort to establish a more robust cybersecurity framework for the U.S. defense industrial base (DIB).
Published in the Federal Register, the proposal invites stakeholders to provide their input by October 15, 2024, before the final rule is established. The CMMC 2.0 framework is designed to assess how contractors implement cybersecurity measures, ensuring better protection of unclassified information within the DoD supply chain.
This move follows the suspension of the CMMC 1.0 pilot in 2021, which allowed time for the development of the enhanced CMMC 2.0 program. The phased rollout of CMMC 2.0 will be implemented over three years, with the new requirements gradually applying to all DoD contracts and solicitations, particularly those involving the processing, storage, or transmission of Federal Contract Information (FCI) or Controlled Unclassified Information (CUI).
Contractors and subcontractors must comply with the CMMC 2.0 requirements, which will be reflected in the DFARS clause "Contractor Compliance With the Cybersecurity Maturity Model Certification Level Requirements." This clause will be applicable to solicitations and contracts requiring specific CMMC levels, excluding those for commercially available off-the-shelf (COTS) items.
The DoD evaluated three alternatives for the timing of CMMC 2.0 certification and ultimately decided that certification must be obtained by the time of contract award. This decision aims to mitigate risks to both offerors and the DoD, ensuring that the necessary cybersecurity measures are in place without delaying contract execution.
By the fourth year of implementation, all relevant DoD solicitations and contracts will require compliance with CMMC 2.0, providing increased assurance that sensitive unclassified information is adequately protected across the defense supply chain. This proposal is part of a broader initiative to safeguard intellectual property and sensitive information from cyber threats, which pose significant risks to national security and the economy.
Cyber Security
Zaker Adham
02 October 2024
Cyber Security
Zaker Adham
23 September 2024
Cyber Security
Zaker Adham
22 September 2024
Cyber Security
Zaker Adham
21 September 2024