I
lecture about maturity models a lot. I’d like to produce mature IT
managers. Government likes to produce its own ‘Catch 22.’
https://www.cpomagazine.com/data-protection/achieving-cmmc-compliance-navigating-unchartered-waters/
Achieving
CMMC Compliance: Navigating Unchartered Waters
Does
your organization do business with the Department of Defense (DoD)
and process, store, or transmit Controlled Unclassified Information
(CUI)? If so, you probably rushed to create documentation to
self-attest NIST SP 800-171 compliance when DoD issued the Defense
Federal Acquisitions Regulations System (DFARS) 252.204-7012 back in
2017 to protect CUI confidentiality.
Things
are different now, with the introduction of the Cybersecurity
Maturity Model Certification (CMMC) in January 2020 (cue
warning music). This new program just changed the calculus for about
350,000 businesses that deal with the DoD in every aspect—from
supply chain to cybersecurity. Although the CMMC security
requirements are not that different from 800-171 (in fact, all 110
requirements are included in CMMC Level 3, verbatim), CMMC introduces
a few new things, including the need for a
pre-award validation of CMMC compliance using an accredited
independent auditor. Uh-oh! You are also required to
show you are compliant with DFARS clause 252.204-7012, which includes
implementing additional requirements related to incident reporting
and forensics, commonly referred to as clauses (C)–(G).
That,
of course, creates a whole new set of challenges for businesses that
will have to comply by October 2020, according to DoD’s current
projections.
As
of this date, the CMMC Accreditation Board (AB) has not announced
accreditation guidelines for how to become one of those
auditors—called a C3PAO—so no
such auditors exist.
Recourse.
From
the Reference Desk: Cyber Operations and International Law
FCIL
Special Interest Section of AALL – Jonathan Pratter –
“A
student had a question: If
State A doxes State B for hacking State C, what would be the result
under international law?
The student was in the law school class, International Law of Cyber
Conflict. My immediate response was, “That is a good question.
Let me get back to you.” Every reference librarian needs a
fall-back response like this. We can’t know everything
immediately. The question was substantive, but since the student was
asking a librarian, I understood that she wanted to know what
resources there are that would help answer the question…”
Gartner
talks to CIO’s and other IT leaders. This is interesting!
100
Data and Analytics Predictions Through 2024
The
digital business future provides organizations with nearly unlimited
possibilities to create business value. Increasingly, data and
analytics have become a primary driver of business strategy, and the
potential for data-driven business strategies and information
products is greater than ever. It is a part of everything that
organizations do. Yet, for many, the ability to “think in data”
is still difficult.
Gartner’s
annual predictions disclose the varied importance of data and
analytics across an ever-widening range of business and IT
initiatives.
Complete
the form to get your free copy.
A
tool for “WHEN.” Also some forensic applications?
Microsoft’s
New ‘Windows File Recovery’ Tool Restores Deleted Data
How
To Recover Deleted Data With The New Microsoft Windows 10 File
Recovery Tool:
“Anyone who has accidentally deleted a file knows the panic that
comes with the mistake. Sometimes you can find the files in the
recycle bin and restore them, but other times the files are just
plain gone. Anyone familiar with how Windows and other operating
systems work might know that files aren’t actually deleted, they’re
marked to allow other data to overwrite them in the future. That
means with the right recovery software, there is a chance to recover
“deleted” files like images or documents. To that end, Microsoft
has quietly launched a new tool specifically to help with this task.
The new tool is called Windows File Recovery and it’s
free…the
tool can be found
here,
and the app is available to download
here …”
“Evidence”
Washington is infected?
No comments:
Post a Comment