DefenseScoop’s Post

Amid the Department of Defense’s all-out push to adopt a zero-trust security framework across its enterprise by 2027, Senate lawmakers want to make sure that “internet of military things” hardware is included in that. The Senate Armed Services Committee on Monday released the full text and report for its version of the fiscal 2025 National Defense Authorization Act with a number of cybersecurity provisions included in it related to zero trust — a widely recognized, cloud-based concept that assumes an adversary has already gained access to a network and therefore looks to limit further movement internally by requiring constant monitoring and authentication of users and their devices as they pass from one part of a network to another. https://lnkd.in/erxynUFA

Amid the Department of Defense’s all-out push to adopt a zero-trust security framework across its enterprise by 2027, Senate lawmakers want to make sure that “internet of military things” hardware is included in that. The Senate Armed Services Committee on Monday released the full text and report for its version of the fiscal 2025 National Defense Authorization Act with a number of cybersecurity provisions included in it related to zero trust — a widely recognized, cloud-based concept that assumes an adversary has already gained access to a network and therefore looks to limit further movement internally by requiring constant monitoring and authentication of users and their devices as they pass from one part of a network to another. https://lnkd.in/eUfCyZnm

Amid the Department of Defense’s all-out push to adopt a zero-trust security framework across its enterprise by 2027, Senate lawmakers want to make sure that “internet of military things” hardware is included in that. The Senate Armed Services Committee on Monday released the full text and report for its version of the fiscal 2025 National Defense Authorization Act with a number of cybersecurity provisions included in it related to zero trust — a widely recognized, cloud-based concept that assumes an adversary has already gained access to a network and therefore looks to limit further movement internally by requiring constant monitoring and authentication of users and their devices as they pass from one part of a network to another. https://lnkd.in/ef8RAa-j

Amid the Department of Defense’s all-out push to adopt a zero-trust security framework across its enterprise by 2027, Senate lawmakers want to make sure that “internet of military things” hardware is included in that. The Senate Armed Services Committee on Monday released the full text and report for its version of the fiscal 2025 National Defense Authorization Act with a number of cybersecurity provisions included in it related to zero trust — a widely recognized, cloud-based concept that assumes an adversary has already gained access to a network and therefore looks to limit further movement internally by requiring constant monitoring and authentication of users and their devices as they pass from one part of a network to another. https://lnkd.in/e7tyTww7

Guard your digital kingdom with strong, complex passwords! They’re the fortress walls protecting your data from invaders. Mix letters, numbers, and symbols for an impenetrable defense. Ready to fortify? Visit https://lnkd.in/eyBFiZSU #CyberSecurityMonth

You hear about it all the time, sensitive data compromised by hacking or ransomware. RF Shielded Pouches protect your devices from wireless access, protecting your devices while they are within the confines of the Pouch! #security #databreach #rfshieldedpouches #protection #wirelesssecurity #compromise #securitysolutions #securityawareness #hacking #ransomware #ransomwareprotection #awareness https://lnkd.in/gpy_e8YU

#FancyThat? MoD breach is to be discussed in parliament today and a strong candidate is #FancyBear or APT28, the Russian state sponsored hackers. German officials confirmed last week, Fancy Bear was behind widespread hacks targeting German infrastructure, government and private industry. "The US Department of Justice has worked with Germany to remediate a network of hundreds of small office/home office routers that APT28 was using to conceal and carry out malicious activity, including the exploitation of CVE-2023-23397 against targets in Germany," the US State Department declared. #ArmedForcesData #Veterans #PII https://lnkd.in/eK3jpFRZ

File this one under "not fooling anybody". When DoD asks for cyber self-assessments: perfect scores When DoD assessors show up to verify: scores plummet by 100+ points Meanwhile, barely half of defense contractors have performed internal assessments against NIST SP 800-171, CMMC, or DFARS in the last 12 months. The further you zoom out the more reports there are with the same findings. I sometimes hear people say "well if CMMC is so important why aren't we hearing anything about it?" CMMC rulemaking is in the final stages of red tape, poised for showtime in Q1 2025. What more is there to say?

I found this to be true when engaging Defense Industrial Base companies for cyber threat hunts too. Self assessments were often a poor predictor of a company’s true cyber hygiene and ability to protect CUI from even the most basic threats, let alone a full on CMMC third party assessment. #cmmc #ciso #cyberthreathunting