With a number of high-profilesecurity hacks involving widely used software, government agencies are retraining their focus on their organization's security measures and those of the vendors and service providers that work with them. This shift in focus was actually on the rise before the recent hacks in anticipation of cyberattacks just like the ones we've recently seen.
In January of 2020, the Defense Department implemented the Cybersecurity Maturity Model Certification (CMMC), a unified standard for implementing cybersecurity across the defense industrial base (DIB), which includes over 300,000 companies in the supply chain. Contractors have always been held responsible for implementing and documenting their IT systems' security that touch sensitive government data. Under CMMC, this continues, but adds the need for a third party to assess the contractor's compliance.
From time to time GovEvents will come across information we feel our members and audience would benefit from. Here's something we wanted to share:
Ticket holders for the annual Coachella Valley Music and Arts Festival who are looking forward to spending two weekends in the California desert with some of the biggest names in music may have had their anticipation dampened by a bit of bad news from festival organizers last week. "We recently discovered that unauthorized third parties illegally gained access to the usernames, first and last names, shipping addresses, email addresses, phone numbers, and dates of birth individuals provided to Coachella," read an email from the festival. "We have taken measures to block further unauthorized access, and reported the matter to the appropriate authorities for further investigation." Continue reading →