Tracking the Rollout of CMMC

Posted on by

The Cybersecurity Maturity Model Certification (CMMC) is a framework that requires companies contracting with the Department of Defense (DoD) to meet security standards based on the sensitivity of the data they manage. These standards, based on the National Institute of Standards and Technology's (NIST) SP 800-171 standard, have been in place for eight years, but CMMC further formalizes compliance.

As of November 10, 2025, Defense agencies now require at least a Level 1 certification to award any new contract. To meet this requirement, companies must self-certify that they comply with 15 controls--specified by 800-171--that cover basic cyber hygiene. Next November 10 (in 2026), DoD will require that Level 2 status for contracts dealing with Controlled Unclassified Information (CUI), which currently can be self-assessed, be verified through a third-party assessment of compliance with all 110 controls in the NIST standard. Then in 2027, contracting officers can start requiring those seeking Level 3 certification to undergo an assessment by the Defense Industrial Base Cybersecurity Assessment Center. A Level 3 requirement would apply to technology dealing with highly sensitive data or systems, where a breach could have far-reaching impact. Continue reading

Securing Our Healthcare Infrastructure

Posted on by

We don't typically think of healthcare as infrastructure, but the functioning of our healthcare facilities is just as essential as that of our roads and utilities. Because of this criticality, healthcare systems require 100% uptime, a necessity that is vulnerable to the reality of cyber threats.

According to the FBI's Internet Crime Report, the healthcare industry reported 444 cyber-related incidents in 2024, the most out of any critical infrastructure industry. Despite this reality, many hospitals and health systems feel unprepared to respond and recover from these threats. The Travelers Risk Index survey found that only 51% of healthcare respondents were confident their organizations have best practices in place to prevent or mitigate a cyber event. Key challenges driving this lack of confidence include: Continue reading

How Technology Is Improving Citizen-Government Relations

Posted on by

When it comes to modernizing government, implementing new technology should not be the goal. The driver should be mission achievement improving service. Technology should not be the end solution, but an enabler of better processes.

With that in mind, we wanted to take a look at some of the buzziest technology solutions and see how they are enabling better citizen service.

Geospatial Data

A good deal of government service involves knowledge of a location. City, state, and federal governments need geospatial data to inform their work--from efficient emergency response to disaster preparedness and response, to the coordination of major events like Mardi Gras, marathons, and the upcoming World Cup and 2028 Olympics. Continue reading

A Look at Quantum Computing in the Public Sector

Posted on by

The acceleration of quantum computing from a theoretical to a functional reality is beginning to feel as fast as supercomputers themselves. This rapid pace of advancement brings a new urgency to preparedness. Agencies across all levels of government, as well as government-adjacent commercial organizations, are preparing for both the opportunities and risks introduced by a post-quantum world.

Federal

The 2026 National Defense Authorization Act (NDAA) includes 11 amendments related to quantum computing preparedness. The focus areas of these amendments include:

  • Mandating defense-specific strategy for quantum readiness.
  • Accelerating the implementation of quantum information science (QIS) technologies across Department of Defense (DoD) operations and missions.
  • Cultivating a workforce that is fluent in quantum physics-powered systems.
  • Examining the risk of quantum computing to GPS systems while also exploring how quantum sensor-enabled GPS technologies can be leveraged in department operations.
  • Establishing a Quantum Capabilities and Competition Office within the DoD to coordinate, lead, and direct the Department's quantum technology efforts.
  • Creating a Quantum Communications Corridor to serve as a network that connects certain defense installations, national laboratories, and universities working on DoD research.
  • Identifying what technologies that leverage quantum computing can be exploited by remote systems and could enable "offensive cyber operations."

Continue reading

Honoring Service and Sacrifice: The Significance of Veterans Day

Posted on by

Each year on November 11, our nation pauses to honor the brave men and women who have served in the U.S. Armed Forces. Veterans Day is more than a federal holiday--it's a day of reflection, gratitude, and unity that underscores the value of service and the ongoing commitment to those who protect our freedoms.

Originally known as Armistice Day, the observance was established to mark the end of World War I. In 1954, it was renamed Veterans Day to recognize veterans from all eras of service. Today, it stands as a time to celebrate the courage, dedication, and resilience of millions of Americans--across generations--who have worn the uniform. Continue reading