Remember those cybersecurity initiatives you’ve been putting off for years? If you’re involved in government contracting, particularly with the Department of Defense, you won’t be able to put them off much longer. According to this article — “Pentagon updates timeline for CMMC cybersecurity initiative” — time is running out. Take a look:
The Department of Defense [DOD] hopes to begin implementing its Cybersecurity Maturity Model Certification (CMMC) program requirements in contracts in May 2023, as part of an effort to prod hundreds of thousands of defense contractors to better protect their networks and controlled unclassified information … “We’re hoping by March of 2023, they will give us an interim rule …,” Stacy Bostjanick, the Pentagon’s director of CMMC policy, said.
That means in a shade over five months, you’ll have to be ready to go. If not, your DOD business might have to go.
Don’t Let It Happen To You
The fact is no business, in any industry, that does any work at all online, can afford to be without cybersecurity measures in place. It’s the price we pay for living and working in the Digital Age. If it can be reduced to binary code and transmitted electronically, it can be hacked, compromised, stolen, and/or held for ransom.
As evidence, here’s Exhibit A, from Firewall Times, “Top 10 Biggest Data Breaches of 2022 – So Far“, as of October 4. Here’s Exhibit B, from the same source: “Recent Data Breaches – November 2022“. And if you think cyber is the only liability you’ll face if your network is hacked, think again:
The Federal Trade Commission [FTC] plans to take the rare step of bringing individual sanctions against the CEO of alcohol delivery company Drizly for data privacy abuses, following allegations that the company’s security failures under his watch exposed the personal information of about 2.5 million customers. The proposed order will follow Drizly CEO James Cory Rellas to future businesses, requiring him to implement a security program at any companies he runs that collect information from more than 25,000 people.
You have to believe Drizly — as an LLC and a subsidiary of Uber — never saw that one coming. And you have to believe Cory Rellas never imagined he’d face individual sanctions levied by the FTC.
No such things have to happen. Secure your cyber assets now.