DoD Working on CMMC-Fedramp ‘Reciprocity’ by Year End CMMC, the DoD’s new cybersecurity standard is designed to measure security practices of companies and the servers in the computer rooms and data centers. But what about the stuff in the cloud. That is covered by another government standard called FedRAMP. But those two standards have different […]
Continue reading → [DISPLAY_ACURAX_ICONS]Visser Precision, a precision parts contract manufacturer based in Denver, Colorado, has confirmed a “cybersecurity incident”. Visser makes parts for the likes of Tesla, Space X, Boeing and defense contractor Lockheed Martin. The ransomware was DoppelPaymer, is one of the Ransomware 2.0 variants that steal the data before they encrypt it. Some of that data […]
Continue reading → [DISPLAY_ACURAX_ICONS]Electronic Warfare Associates (EWA), a well known defense contractor in DC, was hit by a ransomware attack. The tagline on the homepage of their website says that they are enabling a more secure future. A Google search last week for the company brought up these results: The researcher who discovered the problem said it seems […]
Continue reading → [DISPLAY_ACURAX_ICONS]DoD continues to take actions that lead us to believe that they are very serious about the Cybersecurity Maturity Model Certification process. This process will require that all DoD contractors ultimately get a third party cybersecurity certification on an annual basis if they want to continue to be part of the DoD food chain. When […]
Continue reading → [DISPLAY_ACURAX_ICONS]These are the words right out of the mouth of Katie Arrington, The Pentagon’s Chief Information Security Officer for the acquistion policy office. Katie reports up to Kevin Fahey, the Assistant Defense Secretary for Acquisition. He is the guy who is responsible making sure that the Pentagon spends those hundreds of billions of dollars a […]
Continue reading → [DISPLAY_ACURAX_ICONS]After a horrifying independent review of the Navy’s current cybersecurity posture, the Navy asked Congress to approve a new position of Assistant Secretary of the Navy to handle cyber. This comes after the Navy eliminated the role of CIO last year. Congress turned them down, so now they are going around Congress to create a […]
Continue reading → [DISPLAY_ACURAX_ICONS]