The much maligned, misunderstood, and often misguided CMMC framework is hopefully - finally - coming to fruition as the Department of Defense (DoD) has indicated that the rulemaking will take anywhere from 9-24 months from the release date of the CMMC 2.0. Translation: We are still waiting as the 9-24 months has been a standard statement for quite some time now.  This has left federal contractors to wonder when that time period would begin and what the timeline might look like.

In December, 2022, President Joe Biden signed into law the National Defense Authorization Act (NDAA), an $858 Billion spending bill that’s big on almost everything related to defense, including the all-important issue of cybersecurity.  The legislation, which authorizes $817 billion specifically for the Department of Defense, will provide $45 billion more than Biden’s budget request earlier this year.

As North America’s leading provider of National Security, Cybersecurity & NIST RMF Advisory Services & Solutions for the U.S. Defense Industrial Base (DIB), Arlington now offers a complete life cycle of services & solutions for FedRAMP. 

If you’re seeking cost savings, operational efficiency, and expert IT knowledge, then consider Arlington’s virtual CISO services for your organization.  In today’s competitive business arena, finding qualified employees is becoming more difficult by the day, and that’s especially true for any InfoSec and cybersecurity related jobs.

Arlington Security Portal (ASP) is an online repository of world-class, industry leading security policies & procedures, programs, plans – and other highly essential documents & templates developed specifically on the NIST Risk Management Framework (RMF) 800 series of publications for information security, cybersecurity, and privacy control families.

On November 22, 2022, the Department of Defense released its Zero Trust Strategy and Roadmap, for which the DoD intends to implement distinct Zero Trust capabilities and activities as outlined in the strategy and associated Roadmap by FY27.

Here’s a shocking statistic to ring in the new year of 2023 for cybersecurity.  Approximately 75% of industrial control systems and devices (ICS) have severe, unpatched cybersecurity vulnerabilities. What’s an ICS? Essentially all the major systems and components that run our daily lives for almost everything we do.  Think the power grid, water treatment plants, and much, much more.

After eight long years as one of Congress’ key leaders on all things cybersecurity, retiring Republican Rep. John Katko is no doubt proud of his - and other colleagues - in helping create, fund, and grow the Cybersecurity and Infrastructure Security Agency (CISA).

Sen. Gary Peters (D-Mich.), chairman of the Homeland Security and Governmental Affairs Committee, acknowledged that his top cybersecurity priorities for 2023 are fortifying cyber defenses for small businesses, open-source software, federal agencies, and vital technology used in industrial facilities.