02.01.2024 Views

The Cyber Defense eMagazine January Edition for 2024

Cyber Defense eMagazine January Edition for 2024 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, Editor-in-Chief and many more writers, partners and supporters who make this an awesome publication! 201 page January Edition fully packed with some of our best content. Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES

Cyber Defense eMagazine January Edition for 2024 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, Editor-in-Chief and many more writers, partners and supporters who make this an awesome publication! 201 page January Edition fully packed with some of our best content. Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES

SHOW MORE
SHOW LESS

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

unnecessary data breaches. Security officials at the DoD found themselves handing out penalties and<br />

fines after hostile nation-state actors had already pilfered off critical data.<br />

“Here’s the bottom-line challenge we all face. If we get this wrong, and we do too little, there is a<br />

vulnerable supply system that is compromised and weighed down when we need it,” CEO of the National<br />

<strong>Defense</strong> Industrial Association David Norquist said. “For national security, we need to protect against<br />

both disruption as well as tampering. But what makes a market so powerful is exactly what makes this<br />

challenge so hard.”<br />

CMMC 2.0 brings more than 100,000 contractors and subcontractors under one policy, requiring ongoing<br />

certification. <strong>The</strong>se same protocols required by the DoD can deliver the heightened cybersecurity every<br />

operation needs to defend against the relentless stream of cyberattacks.<br />

How CMMC 2.0 Works<br />

This cybersecurity policy evolved from standards published by the National Institute of Standards and<br />

Technology (NIST). An initial model included five cyber hygiene levels that applied to outfits based on<br />

the type of Federal Contract In<strong>for</strong>mation (FCI) and Controlled Unclassified In<strong>for</strong>mation (CUI) the<br />

enterprise stored and transferred. <strong>The</strong> five tiers were revised down to the following three in the CMMC<br />

2.0 version, which is gradually being implemented.<br />

• Level 1: Considered “Foundational” cyber hygiene, supply chain organizations that store or<br />

transmit FCI are required to follow 17 practices to meet 59 objectives. Companies that fall under<br />

Level 1 are tasked with self-assessments and reporting the findings to the federal government.<br />

• Level 2: Protecting CUI, this “Advanced” cyber hygiene standard tasks companies with adhering<br />

to 110 NIST practices to achieve more than 300 objectives. Depending on the type of digital<br />

assets, companies can report annual self-assessments or be vetted by a CMMC Third Party<br />

Assessor Organization, also known as a C3PAO.<br />

• Level 3: Recognized as “Expert” cyber hygiene, military contractors and enterprises with critical<br />

CUI must meet more than 110 NIST measures, as well as other related defenses. Companies<br />

undergo an audit every three years by a C3PAO, with the outcome reported to the Pentagon.<br />

Businesses that fail to meet the CMMC 2.0 mandate will likely find themselves sidelined. Losing revenue<br />

streams from lucrative DoD contracts tends to be more whip than carrot in the push to secure sensitive<br />

military defense secrets. But that does not necessarily mean businesses should implement CMMC 2.0<br />

solely to gain DoD approval. <strong>The</strong> cybersecurity policy proves equally effective at repelling hackers trying<br />

to infiltrate networks out of greed.<br />

<strong>Cyber</strong> <strong>Defense</strong> <strong>eMagazine</strong> – <strong>January</strong> <strong>2024</strong> <strong>Edition</strong> 42<br />

Copyright © <strong>2024</strong>, <strong>Cyber</strong> <strong>Defense</strong> Magazine. All rights reserved worldwide.

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!