COMMENTARY: DOD’s Cybersecurity Maturity Model Certification II
A Prognostication for the Arm-chair Cyber Generals In 2019, the Department of Defense (DOD) announced the development of the Cybersecurity...
RMF
The Top 6 Immutable Rules of RMF
We still do not have a good universal understanding of the role of leadership and the basics of RMF to...
COMMENTARY: F-35 JSF Program, the 2018 “What’s Behind the Curtain” Candidate
The Joint Strike Fighter's (JSF) Autonomic Logistics Information System (ALIS) "Most-Public-Secret" The article, DOD Struggles with Risk Management Framework Adoption, https://defensesystems.com/articles/2018/11/30/dod-risk-management-framework.aspx is...
A Need for Better Cybersecurity Time Management
Some Suggestions for the Department of Defense A Hybrid-Risk Management Framework (RMF) Step 3 A challenge facing the Department of...
The 2018 California Consumer Protection Act (CCPA)
How NIST 800-171 May Be The Better Solution To-date The CCPA provides California residents the right: To know what personal...
Continuous Monitoring: What Good Looks Like
Defining Continuous Monitoring Cybersecurity is not about shortcuts. There are no easy solutions to years of leaders demurring their responsibility...
The Power of the POAM
What is the best way to think about the POAM Lifecycle? In Brief Using the US Intelligence Community’s Intelligence Cycle...
EDITORIAL: Risk Management has been a Failure
A Disjointed and Bureaucratic Mess The principle of Risk Management (RM) has been a failure for the federal government’s implementation...
