Browsing Category
On the 18th of May 2021 the Senate Armed Services Subcommittee on cyber held a hearing on the ‘Cybersecurity of the Defence Industry Base (DIB)’, under the 2021 NDAA, focusing on the issue of cyber security of the DIB. The targeting of the DIB by other Nation States, ‘affectively subsidising their own defence development’ is …
Back in May 2020 the Cybersecurity Solarium Commission wrote to the Securities and Exchange Commission (SEC) to encourage it to exercise its authority under section 404 of the Sarbanes Oxley Act. To include cyber risk reporting, recognising the material impact that cyber attacks have on corporate balance sheets and publicly traded companies. SEC guidance around material …
Following on from their 2018 report on weapon systems security and cyber vulnerabilities. The US Government Accountability Office (GAO) has conducted a further assessment to examine the extent to which the DoD has made progress in contracting cyber security requirements for weapon systems during product development. Examining the extent to which the DoD and military …
The new US administration has its work cut out for sure when it comes to cyber security, but the challenges and opportunities are recognised. To support the development of strategy and operationalise cyber risk management the Cybersecurity Solarium Commission has offered its advice through the enclosed ‘Transition book for the incoming Biden Administration’. Providing useful …
Sometimes it’s useful to go back to the beginning, to understand the reasons for the decisions which are made and why. To clarify the mission objective and reconfirm what we are doing and why we are doing it. The enclosed public report was published in 2018 by the US Government Accountability Office (GAO) to the …
On 17th December 2020 the UK Defence trade associations ADS Group and Team Defence Information (TDI), Katie Arrington the CISO for the Office of the Under Secretary of Defence for Acquisition and Sustainment and myself, with the support of the UK Embassy in Washington. Held a CMMC webinar. We introduced the US DoDs CMMC programme and …
On the 3rd of November 2020 myself, Rear Admiral William Chase (Senior Military Advisor for Cyber Policy to the Under Secretary of Defense for Policy/Deputy Principal Cyber Advisor to the Secretary), and John Weiler (Chairman of the CMMC Center of Excellence and CEO of the IT Acquisition Advisory Council) were invited to speak to the …
With all intents and purposes the Interim Final Ruling published by the Department of Defence on the 29th of September 2020 will become affective on the 30th November 2020. Requiring that contractors and subcontractors input their assessment of NIST SP 800 – 171 compliance and ultimately their CMMC certificates into the DoDs Supplier Performance Risk …
On the 29th of September 2020 the US Department of Defence (DoD) released its Interim Final Ruling (ruling) for DFARS Case D041, effective 30th November 2020. Improving the protection of Controlled Unclassified Information (CUI) and Federal Contract Information (FCI) across the DoDs Defence Industry Base (DIB) and closing gaps in the oversight and assurance of …