CMMC Interim Rule Includes New Compliance Requirements

October 7, 2020 by Leave a comment

By Hollie Kapos, Corporate Counsel

You never know what surprises will pop up in the last few days of the government’s fiscal year, and this year there was a big one with the Interim Rule implementing DOD’s Cybersecurity Maturity Model Certification (CMMC).

The Interim Rule (“IR”), published on September 29, 2020 and effective as of November 30, 2020, adds the widely anticipated new DFARS clause for inclusion in DOD contracts implementing CMMC: 252.204-7021 (Contractor Compliance with the Cybersecurity Maturity Model Certification Level Requirement). No surprise there.

But, the IR unexpectedly came with two additional clauses, DFARS 252.204-7019 (Notice of NIST SP 800-171 DOD Assessment Requirements) and DFARS 252.204-7020 (NIST SP 800-171 DOD Assessment Requirements), which require the immediate attention of federal contractors and their subs.  Read more of this post

Filed under CMMC, Contracting, Market Intelligence, Sales Tagged with , ,

How the DOD’s FY19 Modernization Priorities Align to Technology

October 17, 2018 by 1 Comment

Stephanie MeloniGlobal communication concept. Technological abstract background.

By Stephanie Meloni, consultant

The Department of Defense continues to evolve at a fast pace to modernize and stay ahead of adversarial threats. This past year has brought many changes in terms of organizations within the DOD. To name a few, we have the Army Futures Command, the Joint Artificial Intelligence Center and the Defense Innovation Unit, that dropped the “X” (for experimental), to imply its permanent role in helping the DOD stay on the cutting edge of technology.

These organizational shifts and changes show the DOD’s response to the changing warfighting environment. Last year, much of the priority was on restoring readiness—now the Department has shifted to modernization. Increases in budget (and actual appropriations) are allowing decision makers to more strategically align funds to the investment priorities that need the most attention. IT spending is set to peak in FY19, so it will be a critical year for technology companies to come in and help the DOD with solutions that will help them stay focused on modernization. Here are just a few of those priorities: Read more of this post

Filed under Market Intelligence, Sales Tagged with , , , , , ,

National Cyber Strategy – What Does It Mean for Those Selling Security Tools to the Government?

September 25, 2018 by Leave a comment

Lloyd McCoy Jr.

By Lloyd McCoy, Market Intelligence Manager

You’ve probably heard of the release last week of both the National Cyber Strategy and the Department of Defense (DOD) Cyber Strategy. Some of the priorities highlighted are robust information sharing, greater resilience, encryption, cyber scalability and hardening of IT systems. In fact, we’ve seen demand for these capabilities reflected in recent cyber budgets which have hovered between $13 and$15 billion over the last couple of years. While the documents bring together much of the cyber policies heard from the administration over the past year, there are some important key takeaways you should be aware of as we head into FY19.

Offensive Cyber
One of the most notable developments is a more overt embrace of offensive cyber operations. The DOD Cyber Strategy especially, hones in on this “defending forward” strategy, where the U.S. will confront threats before they reach U.S. networks.

By giving the government more latitude to conduct proactive and offensive cybersecurity, we could see more funding and resources allocated to these operations as early as next year. Expect more demand for network mapping and reconnaissance, data extraction, firewall tunneling and encryption/decryption tools, just to name a few. I expect most of the funding and demand for offensive cyber tools will be generally confined to U.S. Cyber Command and the intelligence agencies.

Read more of this post

Filed under Market Intelligence, Marketing, Sales Tagged with , , , , , , ,

%d bloggers like this: