NIST Releases “Ransomware Profile” & Pentagon Reviews CMMC Program
Happy Monday, and thanks for tuning in to this week’s segment of Mondays with Miranda!
In this week’s news, the National Institute of Standards and Technology (NIST) just released a new cybersecurity framework for ransomware risk management. The “Ransomware Profile” identifies actions that organizations can take to prevent, respond, and recover from ransomware events. NIST states that “the purpose of the Ransomware Profile is to help organizations identify opportunities for improving their security and resilience against ransomware attacks.” They encourage organizations to use the document as a guide for profiling the state of their current readiness.
In other news, the Pentagon has been sharing updates on CMMC finalizations in the recent weeks. Christine Michienzi, chief technology officer under the deputy assistant secretary of defense for industrial policy, suggested that every aspect of the CMMC program is undergoing reconsiderations. She said, “everything is currently under review to make sure that that is the best mechanism that we can use, the independent auditors versus [the Defense Contract Management Agency] versus self certification at the different levels, and what those levels need to be because the initial levels that were rolled out maybe need to be revisited.” She also mentioned that “the defense industry should continue efforts to align with CMMC, despite upcoming programmatic changes that may result from the ongoing review.”
Stay tuned as we continue to follow any upcoming CMMC changes that may take place. That’s all for today! Thank you for tuning in to this week’s segment of “Mondays With Miranda!” Keep up to date with current news by following NeQter Labs on Twitter, Facebook, LinkedIn, and Youtube. We love comments and questions, so please feel free to send me an email at firstname.lastname@example.org.