CYBER INSURANCE Insurers and Policyholders Face Challenges in an Evolving Market

A great report by the GAO on the state of the cyber insurance market, required under the 2021 NDAA. It is driven by the fact that the Federal Government provides some cyber support through the Terrorism Risk Insurance Program (TRIP), which the Treasury administers. Cyber insurance is in a difficult place with everything moving in the wrong direction. Take …

US Senate Armed Services Subcommittee hearing – Cybersecurity of the Defence Industry Base (18th May 2021)

On the 18th of May 2021 the Senate Armed Services Subcommittee on cyber held a hearing on the ‘Cybersecurity of the Defence Industry Base (DIB)’, under the 2021 NDAA, focusing on the issue of cyber security of the DIB. The targeting of the DIB by other Nation States, ‘effectively subsidising their own defence development’ is …

Cyber regulation and US financial markets

Back in May 2020 the Cybersecurity Solarium Commission wrote to the Securities and Exchange Commission (SEC) to encourage it to exercise its authority under section 404 of the Sarbanes-Oxley Act to include cyber risk reporting, recognising the material impact that cyber attacks have on corporate balance sheets and publicly traded companies. SEC guidance around material …

2021 GAO report to Congress on weapon system security – Improved guidance to contractors needed

Following on from its 2018 report on weapon systems security and cyber vulnerabilities, the US Government Accountability Office (GAO) has conducted a further assessment to examine the extent to which the DoD has made progress in contracting cyber security requirements for weapon systems during product development. Examining the extent to which the DoD and military …

US administration transition book from the Cybersecurity Solarium Commission

The new US administration has its work cut out for sure when it comes to cyber security, but the challenges and opportunities are recognised. To support the development of strategy and operationalise cyber risk management, the Cybersecurity Solarium Commission has offered its advice through the enclosed ‘Transition book for the incoming Biden Administration’. Providing useful …

In the beginning there was…….

Sometimes it’s useful to go back to the beginning, to understand the reasons for the decisions which are made and why.  To clarify the mission objective and reconfirm what we are doing and why we are doing it. The enclosed public report was published in 2018 by the US Government Accountability Office (GAO) to the …

The DoD CMMC programme and international DIB compliance

On 17th December 2020 the UK Defence trade associations ADS Group and Team Defence Information (TDI), Katie Arrington, the CISO for the Office of the Under Secretary of Defence for Acquisition and Sustainment, and myself, with the support of the UK Embassy in Washington, held a CMMC webinar. We introduced the US DoD's CMMC programme and …

Concerns raised by US Universities, as they write to the OUSD A&S seeking clarity on the application of CMMC to academic and research institutions.

As the CMMC debate continues, it is raising some interesting, difficult and, dare I say it, academic questions. Several representative bodies for research institutions in the US have written to the Under Secretary of Defense for Acquisition and Sustainment (USD[A&S]), raising concerns over the implementation of CMMC and its financial impact on academic institutions during COVID …

Cyber security standards: An important subject for the US Senate and House Armed Services Committee

Cyber security is an important topic for discussion in 2021. Whilst this year's US elections will undoubtedly create some breathing space for regulation, the Senate and the House Armed Services Committee have set an agenda for discussion of CMMC in 2021. CMMC is one component of the drive in the US for supply chain security. …