Meeting the standards laid out in the Pentagon’s cyber certification program is a necessary start to buying down supply chain risk through establishing good cyber hygiene, but cyber experts say CMMC would not necessarily have helped contractors detect or prevent exposure to the SolarWinds attack.
The ICT supply-chain security task force run by CISA is detailing its “way forward” after receiving a six-month extension on life to help start pilot programs as well as “launch new or updated lines of effort,” according to a blog from the cyber agency’s National Risk Management Center.
A House Appropriations subcommittee hears from CISA Acting Director Brandon Wales this week on government cyber modernization, while FCC Acting Chairwoman Jessica Rosenworcel discusses the benefits of Open Radio Access Networks.
The White House is working with industrial control system stakeholders to develop a plan for addressing “integrity” of systems in the water and power sectors that can provide more “visibility” to develop solutions, according to Deputy National Security Advisor for Cyber Anne Neuberger.
The first meeting of the President’s National Infrastructure Advisory Committee under the Biden administration focused on policy needs raised by the SolarWinds hack and circled back to the potential benefits from creating a Critical Infrastructure Command Center, as called for in a recent NIAC report as well as by the Cyberspace Solarium Commission.