As cyber threats continue to increase in scale and impact across organizations of all sizes, cybersecurity must be considered as a key component of both information security and risk management programs.
The Defense Security Service (DSS) now requires all cleared contractors processing classified information to transition to the new Risk Management Framework (RMF), leaving contractors with the task of ensuring their information systems comply with the new framework.
At a high level, the intent of this new framework is as follows:
• Manage risk more effectively and efficiently
• Build trust across the U.S. Federal government
• Establish a common foundation for information security
• Streamline DSS processes