Welcome to the latest episode of The LoJo Show!
On this episode, Katie Arrington returns to discuss recent updates in the cybersecurity landscape, with a special focus on the advancements in CMMC (Cybersecurity Maturity Model Certification) and the growing responsibilities of CISOs across the defense sector and beyond.
Key Takeaways
CMMC Updates and National Security
- New Federal Regulations: The 32 CFR, a major component of CMMC, has officially passed into law, marking a critical step for national security. Companies in the defense industrial base must now meet strict cybersecurity standards to continue their work with the DoD.
- Security as a Baseline: Katie emphasizes that cybersecurity is no longer optional but foundational, especially with rising threats to sensitive data across industries.
Challenges for Small and Medium-Sized Businesses
- Financial Strain of Compliance: Many small businesses struggle with the cost of implementing CMMC compliance, which can hinder competitiveness. Katie calls for better DoD support and funding to help small businesses manage cybersecurity investments.
- Supply Chain Risks: Cyber risks are no longer isolated; they now extend across supply chains. Prime contractors are increasingly responsible for securing their subcontractors' cyber postures, making collaboration essential.
The Role of CISOs in Today’s Landscape
- Internal and External Security Focus: Katie discusses the expanding responsibilities of CISOs, highlighting that they must not only secure their organization’s network but also ensure compliance within the supply chain.
- Culture of Security: With remote work on the rise, CISOs face new challenges in promoting a vigilant security culture, as employees often multi-task or work from less secure environments.
CMMC’s Global Impact
- Beyond U.S. Borders: The new CMMC requirements are relevant for international contractors operating in 69 countries with DoD contracts. Katie notes the importance of global cybersecurity standards to ensure protection across borders.
Practical Advice for Small Businesses
- Engage with Primes: Katie encourages small businesses to work closely with prime contractors to address cybersecurity gaps and look into secure tools like the DoD’s SAFE program for handling sensitive data.
- Seek State-Level Resources: Small businesses can leverage resources like the Manufacturer Extension Partnerships (MEPs) and state-level APEX programs for cybersecurity support and training.
Future Trends and the Need for Cyber Insurance
- Cyber Insurance: Katie predicts an increased demand for cyber insurance audits as more industries implement cybersecurity requirements.
- Continuous Monitoring and Audits: Industries such as healthcare are implementing robust cybersecurity measures, suggesting a trend toward comprehensive, monitored cyber standards in critical infrastructure sectors.
About Our Guest
Katie Arrington is a cybersecurity expert with a background as the former CISO at the Department of Defense. Known for her pioneering work with CMMC, Katie has played a significant role in shaping national security protocols and advocating for the defense industry’s cybersecurity posture. She brings over a decade of expertise in federal cybersecurity policies and consults on secure practices for small and large businesses alike.
Katie’s work emphasizes the importance of strategic cybersecurity practices to protect organizations at all levels—from small businesses to major defense contractors.
Contact Info:
If you’re interested in joining us on the show, reach out on social media or email us at officiallojoshow@gmail.com!
Stay safe and stay secure!