Updated 8(a) STARS III RFP to Include CMMC
Happy Monday! In today’s exciting news, the GSA recently released the updated 8(a) STARS III RFP, which includes CMMC. According to JD Supra, “as part of each offeror’s Supply Chain Risk Management Plan, the 8(a) STARS III RFP requires the offeror to address 1) their intent to obtain CMMC, 2) their target certification level, and […]
CMMC as a Standard for Non-Defense Contractors in the Future
Happy Monday – I hope everyone is staying safe and healthy out there! Last week, Katie Arrington, the Pentagon’s CISO for acquisition and sustainment, said that the CMMC (Cybersecurity Maturity Model Certification) could eventually become a standard for non-defense contractors. Arrington also said that CMMC could also eventually become a part of international standards. In […]
U.S. Taking Steps to Prevent Cyber Attacks at a State Level
Happy Monday! Last week, a Texas School District lost $2.3 million to a phishing attack. The incident involved three transactions sent over the course of one month. The school district did not realize until after the third transaction that the bank account information had been tampered with, and the account on the receiving end was […]
DoD Names Chair for CMMC Program
Happy Monday! Last week, the Consumer Electronics Show (CES) began during a cyber attack that hit Las Vegas. City officials have been actively working to determine where the attack began. As of now, officials are saying that the attack began with a malicious link in a city employee’s email. This breach comes during the issues […]
Ryuk Ransomware and FDPL Website Hack
Happy Monday! Last week, a Ryuk ransomware attack took down the entire IT network of a Maritime Transportation Security Act (MTSA) regulated facility. The United States Coast Guard stated that the cause of the attack most likely began with a phishing email. Operations at the facility were reportedly shut down for over 30 hours and […]
New Cybersecurity Laws & Smartphone Location Data
Happy Monday, and happy (almost) New Year! In today’s news, new cybersecurity laws, called “Insurance Data Security Laws,” were just passed about a week ago, and will take effect in CT on October 1, 2020, and in NH on January 1, 2021. The laws will “affect insurance carriers, producers, and other businesses licensed by the […]
Microsoft Windows 7 and Windows Server 2008 End-Of-Life
Happy Monday and happy holidays! I’ve got some interesting news to start off this holiday week. First, Microsoft will no longer support Windows 7, Windows Server 2008, and Windows Server 2008 R2 after January 14th, 2020. These systems have reached their end-of-life mark and this means that Microsoft will no longer provide security updates or […]
CMMC Draft Version 0.7
Happy Monday! CMMC or the Cybersecurity Maturity Model Certification released draft version 0.7 last week. You can view the document here. The new draft includes levels 4 & 5 of the CMMC, as the previous draft versions did not. Last week, the city of Pensacola, FL was hit by a cyber attack just days after […]
CMMC & The Effect on Small Business
Happy Monday! Yesterday, the U.S. Department of Defense posted an article regarding the CMMC (Cybersecurity Maturity Model Certification) and discussed how they will be helping small companies meet the cybersecurity requirements. Ellen Lord, the undersecretary of defense for acquisition and sustainment, said “We are not going to put small companies out of business. We need […]
SHIELD Act & Vulnerable Cybersecurity Solutions
Happy Monday! Recently, the SHIELD (Stop Hacks and Improve Electronic Data Security) Act was signed into law in the state of New York. The law will affect “all businesses who work within New York, as well as those who collect, process or control personal information of New York residents.” The breach notification law updates were […]