CMMC looks to clear up questions about cybersecurity assessors
The Accreditation Body for the Cybersecurity Maturity Model Certification (CMMC) has released more information about training and approval for people who want to be third-party assessors.
Why government is slow to endorse frameworks for quantifying cybersecurity risk
Until individual agencies like the Department of Energy and Department of the Treasury see success quantifying risk, the practice won't likely be mandated.
FedRAMP issues new continuous monitoring guidance and requirements
FedRAMP issued new documents detailing the requirements needed for automated scanning.