To embed, copy and paste the code into your website or blog:
In a paradigm shift for cybersecurity, President Biden signed an ambitious Executive Order (the Order) on May 12 to address the increasingly sophisticated threats by malicious cyber actors to the nation s software supply chains and federal information systems. The Executive Order on Improving the Nation s Cybersecurity seeks to modernize federal government cybersecurity, improve information sharing between federal agencies and the private sector, and enhance the nation s resiliency to cyber-attacks. While the Order primarily focuses on concrete steps the federal government must take to adopt cybersecurity best practices, there are several provisions that will also significantly impact government contractors, subcontractors and other private sector entities. These changes come at a critical time for such organizations, especially those that are diligently working to meet Cybersecurity Maturity Model Certification (CMMC) req
To embed, copy and paste the code into your website or blog:
In a lengthy Executive Order issued on May 12, 2021 (the “Order”), the Biden Administration has taken steps “to make bold changes and significant investments” in both public and private sector cybersecurity “in order to defend the vital institutions that underpin the American way of life.” The full scope of the Order remains to be seen. Much will depend on the recommendations and rules issued by various agencies over the coming months. Nonetheless, the Order itself signals several areas where significant changes can be expected.
Expect Increased Reporting Obligations For Government Contractors.
All organizations have to monitor and protect data. But, monitoring and protecting data is even more essential for those that work with the Department of Defense (DoD). The DoD has witnessed a growing number of threats, vulnerabilities, and cyberattacks aimed at its contractors. As a result, the DoD has established a framework for companies to adhere to, to prove compliance in protecting defense data.
Share this article
Share this article
GREENVILLE, S.C., May 11, 2021 /PRNewswire/ Elliott Davis, a business solutions and accounting firm with nine offices across the Southeast, announced today that it has been selected as a candidate Certified Third-Party Assessor Organization (C3PAO) by the Cybersecurity Maturity Model Certification (CMMC) Accreditation Body. The CMMC is a unified security standard and certification process developed by the U.S. Department of Defense (DoD) to strengthen the protection of sensitive data, including controlled unclassified information (CUI) and federal contract information (FCI), throughout its supply chain. Only C3PAOs can conduct CMMC assessments and this candidate selection is a crucial step in helping federal contractors navigate the DoD s cybersecurity certification processes.
Biden s Supply Chain Initiative Depends on Cybersecurity Insights
Those helming the US supply chain executive order need to leverage standards, measurement, and the lessons cybersecurity leaders have learned.
US supply chains face a wide range of challenges, risks, and vulnerabilities. From the SolarWinds attack to the recent dependency confusion attack that breached companies like Microsoft, Apple, Uber, and Tesla, supply chain cybercrime abounds. As chief information security officers (CISOs) and security teams know, supply chain incidents have cascading effects.
During the height of the COVID-19 pandemic, shortages of medical supplies such as personal protective equipment (PPE) for front-line healthcare workers and other critical supply shortages were a significant problem. So, in February, President Biden signed Executive Order 14017, America s Supply Chains, which calls for a comprehensive review of US supply chains to identify vulnerabilities and risks, aiming to inform ho