The leaders of the Five Eyes, a coalition of English-speaking intelligence agencies, have emphasized the critical nature of safeguarding sensitive information in cyberspace, especially in light of the escalating tensions with The People’s Republic of China, which they have dubbed as the paramount threat of this era. Recent cyber intrusions by Chinese hackers, who pilfered 60,000 State Department emails, underscore the urgency of this issue. Additionally, defense intelligence has also been a target. Surprisingly, many companies holding such vital intelligence are unaware of their role in national security.
Almost a decade ago, the Department of Defense (DoD) introduced the Defense Federal Acquisition Regulation Supplement (DFARS) to protect the nation’s intellectual property. Despite being included in over a million contracts, enforcement of DFARS has been lax. The DoD is on track to release the proposed rule for Cybersecurity Maturity Model Certification (CMMC) 2.0 in November, a pivotal step in ensuring the defense industrial base adheres to robust security measures.
While security controls like multifactor authentication, network monitoring, and incident reporting have long been stipulated in government contracts with the DoD, contractors were previously allowed to self-certify their compliance. This system operated on trust, without verification. This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: