The Cybersecurity Threat Landscape: Is Anywhere Safe?
Is Your Sensitive Data Safe? The Short Answer is, No. Cybersecurity is an increasingly critical issue as the digital landscape constantly changes, and hackers seek ways to penetrate networks and systems. To ensure safety and security for all, defense contractors must know about emerging threats or vulnerabilities, including what malicious actors are targeting and how […]
Summer 2025 CORA Alert – Prepare Now
“If you want to stay connected, then you must be inspected.” The NCMS Annual Conference and Seminar wrapped up on June 12th, 2025. NCMS, Inc., the Society of Industrial Security Professionals provides development and training for its 7,000+ members in industrial security, cybersecurity, and classification management. Along with customer meetings and exhibition floor meet-and-greets, a […]
The DoW’s New Approach to Cybersecurity Risk Management
Breaking Down the Department of War’s New Cybersecurity Risk Management Construct (CSRMC): 5 Phases and 10 Tenets The 5 Phases of CSRMC. Click to enlarge. As outlined within the DoW announcement dated September 24th, 2025, DoW is looking to replace the Risk Management Framework with a “modernized” framework or “construct” that focuses more on current […]
How a Mock CORA can Reduce the Stress and Uncertainty of Your Upcoming “Visit”
The Cyber Operational Readiness Assessment (CORA) is the hot topic within the Department of War (DoW) cybersecurity community. Unlike its predecessor, the Command Cyber Readiness Inspection (CCRI), the CORA is a dynamic examination of a site’s network worthiness, assessing not only the organization’s technical posture, but their cyber governance. In addition to the “baseline” assessment […]
The Cybersecurity Trends Poised to Transform Defense Contracting in 2026
TL;DR Summary: CMMC enforcement will expand significantly in 2026 as requirements are phased into DoD and DoW contracts, making demonstrable, auditable cybersecurity controls a requirement for defense contractors. AI will intensify both threats and defenses, with nation-state actors using AI offensively while contractors adopt AI-driven detection and automated response tools. Zero-Trust may become a de […]
Building a SIPRNet Enclave: Lessons Learned From the Field
TLDR; SIPRNet enclaves must be designed around DoD, DISA, and STIG requirements from the start to avoid costly rework later Scalability and long-term sustainment (patching, hardware refresh, re-accreditation) should be planned from day one Thorough, continuously updated documentation is critical to success and a smoother ATO process Early and ongoing coordination with DISA, DCSA, and […]
CISA and FBI Introduce New Guidance to Address Cyber Risks in OT Environments
TLDR; CISA, FBI, and international partners released new guidance to reduce cyber risks in operational technology (OT). The guidance focuses on securing OT connectivity as systems become more interconnected. The guide encourages OT vendors and integrators to adopt secure-by-design practices. Aims to protect critical infrastructure from advanced and nation-state cyber threats. CISA and FBI Introduce […]
DISA Advances Mission Network-as-a-Service Initiative for 2026
Tldr; DISA will launch Mission Network-as-a-Service in 2026 to consolidate combatant command networks into a single cloud-based environment called COCOMNet. The effort replaces geographically siloed networks with a unified, globally accessible architecture to improve security, interoperability, and data sharing. COCOMNet will be built on zero-trust principles, supported by federated identity and access management (ICAM) to […]