New Horizons Blog and Resources

IT managers are tasked with securing their company’s sensitive information and data and the way an organization handles a cybersecurity threat can affect all departments and stakeholders, as well as impact a company’s image which is why it's integral to know how to develop a cybersecurity program. Maybe your company’s current cybersecurity plan needs improvement or maybe your organization is completely new to the concept of cybersecurity. Cybercrime is a threat all companies should prepare for, regardless of their size or industry.

DEFENSE AGENCY AND DOD FIELD ACTIVITY DIRECTORS - MEMORANDUM PENTAGON LEADERSHIP

February 2022

SUBJECT: Continuous Authorization To Operate (cATO)

The Risk Management Framework (RMF) establishes the continuous management of system cybersecurity risk. Current RMF implementation focuses on obtaining system authorizations (ATOs) but falls short in implementing continuous monitoring of risk once authorization has been reached. Efforts in the Department are attempting to emphasize the continuous monitoring step of RMF to allow for continuous authorization (cATO). Real-time or near real-time data analytics for reporting security events is essential to achieve the level of cybersecurity required to combat today’s cyber threats and operate in contested spaces. The purpose of this memo is to provide specific guidance on the necessary steps to allow systems to operate under a cATO state.

We are excited to announce our new apprenticeship program in California for aspiring IT professionals, launched in collaboration with the American Institutes for Research (AIR) and CompTIA.

New Horizons Learning Group is the latest organization to join CompTIA Apprenticeships for Tech, a national initiative to help employers fill current and long-term IT staffing needs through an “earn and learn” apprenticeship program that is also creating employment opportunities for people from a diversity of backgrounds.

In today's fast-paced, content-driven world, how do you implement a cybersecurity strategy? Development teams are expected to crank out apps and software at rapid speed. Consequently, cybersecurity often comes last on the list of priorities. This is a dangerous consequence as cybercrime becomes the U.S.' biggest foreign security threat. Cybersecurity teams and development teams tend to work separately, but when working collaboratively, can become a strong defense against bad actors who seek to destroy the software and apps they've worked so hard to create.

The Pentagon's request for more funding is $800 million more than what the Pentagon wanted last year and includes investments in zero trust architecture and support to the Defense Industrial Base (DIB). This request also includes adding five cyber mission force teams for a total of 142 teams, according to budget documents.

There is no surprise that they are requesting billions of dollars for cyberspace activities in its fiscal 2023 budget. The need for more funding is for various efforts, including increasing cybersecurity support for defense contractors, hardening its own networks, operationalizing zero trust architecture, and for “cyber ranges” much like rifle ranges, but for all things digital. The Pentagon investing to improve readiness in the nation’s cyber force by funding cyber ranges to enable training and exercises in the cyber domain. Finally, the budget lays the foundation for U.S. Cyber Command to have ownership of the mission and resources of the cyber mission force beginning in FY24 as directed in the FY22 NDAA.