FedTech Magazine

What Is DOD’s Cybersecurity Risk Management Construct?

The dynamic, automated, continuous risk management framework addresses the shortcomings of its predecessor, the Risk ...
Federal News Network

Industry flags DoD’s lack of standardized software attestation processes

Vendors said it is unclear what qualifies as a valid attestation, what evidence must be included or how often attestations are required.
Cloud Security Alliance

Understanding the DoD’s New Cyber Security Risk Management Construct (CSRMC)

Explores how the DoD's CSRMC uses NIST RMF tiers to enable automated, mission-aligned cyber risk management across the enterprise and its systems.
Federal News Network

Risk and Compliance 2025 Exchange: Diligent’s Jason Venner on moving beyond manual cyber compliance

The Pentagon has been leading a push to shift cyber risk management beyond static checklists and manual processes, the Diligent solutions leader says.
Government Executive

Pentagon background-check systems at risk of hacking, GAO says

The Pentagon agency that vets federal employees hasn’t worked hard enough to protect its IT systems and the sensitive personnel data they store, according to a watchdog report. “While [the Defense ...
Homeland Security Today

GAO: Ongoing DoD Fraud Risk Assessment Efforts Should Include Contractor Ownership

Some companies doing business with the Defense Department have opaque ownership structures that may conceal who owns, controls, or benefits from the company. The Government Accountability Office ...
Business Wire

KnowBe4’s Artificial Intelligence Defense Agents To Combat AI-Generated Phishing Attacks and Measure Cyber Risk in Humans

TAMPA BAY, Fla.--(BUSINESS WIRE)--KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, today announced a new innovative suite of AI-native security ...