At a glance.
- Notes on CMMC 2.0.
- An EU cyber emergency fund?
- Most geofencing ruled unconstitutional in the US.
- FBI warns of government impersonation.
- Reaction to the Strengthening American Cybersecurity Act of 2022.
What to expect from CMMC 2.0.
The US Department of Defense (DoD) has announced it will be releasing a new version of its Cybersecurity Maturity Model Certification (CMMC), a guide intended to regulate the control of unclassified information and high-value assets by government contractors and subcontractors. HelpNetSecurity offers an overview of what changes to expect. Critics have argued that the stringent requirements of the CMMC are nearly impossible for smaller firms to implement, leaving them unable to compete with larger firms for contracts. One much-criticized stipulation required all DoD contractors and subcontractors to conduct costly third-party assessments of their cybersecurity procedures, regardless of their role or the sensitivity of the data being handled. CMMC 2.0 is expected to be a more streamlined version of its predecessor, simplifying the certification process and cutting down on security regulations for contractors who handle less sensitive data.
EU ministers request cybersecurity emergency response fund.
In response to Russia’s invasion on Ukraine, EU telecoms ministers are urging the European Commission to establish a cybersecurity emergency response fund to help fight large-scale cyberattacks. A draft document penned by the ministers…
