| TUESDAY, NOV. 11, 2025 | So what about that info that was taken in the F5 incident? A big deal announced Monday gives federal agencies access to secure agentic AI. And how the defense contracting world is dealing with CMMC 2.0. This is CyberScoop for Tuesday, November 11. |
|
|
|
What's left to worry about with F5After a nation-state attacker stole sensitive intelligence—including BIG-IP source code and details on 44 internal vulnerabilities—from F5’s internal systems, cybersecurity researchers voiced only muted concern about the immediate risks, noting that most of the exposed flaws are difficult to exploit and not critical. Beneath the surface, though, experts caution that the real danger lies in the hands of attackers now armed with valuable source code—giving them the potential to develop zero-days and create long-term, strategic threats that could eventually ripple through global supply chains. As F5 works with security partners to monitor the fallout, Matt Kapko's story serves as a reminder that the true consequences of such a breach may unfold quietly and unpredictably, demanding vigilance from enterprises and government alike. Read it here. |
|
|
Cyber Resilience in Government Summit | Dec 10, 2025The Rubrik Public Sector Summit will convene leading voices from Federal, State, and Local government, education, and industry to explore how organizations can strengthen their cyber defense posture, build resilience into critical infrastructure, and ensure continuity of operations even when prevention measures fall short. Register today!
|
|
|
Secure agents for federal agenciesBigBear.ai announced it will acquire Ask Sage, a generative AI platform specializing in secure and compliant AI solutions for defense and other regulated industries, in a deal valued at approximately $250 million. Ask Sage—which holds the top-tier FedRAMP High security certification—focuses on enabling safe, model-agnostic deployment of autonomous AI agents for organizations handling classified and sensitive information. The acquisition, set to close by early 2026, underscores the growing demand for artificial intelligence that meets stringent security standards in the national security, defense, and critical infrastructure sectors. Greg Otto has more. |
|
|
|
|
CyberTalks | Feb 19, 2026CyberTalks presents a powerful opportunity to hear from the leading voices at the intersection of government and the technology industry on the latest tactics to combat these new risks. CyberTalks also provides an invaluable forum for exchanging ideas and best practices on ways to bolster digital defenses and promote cyber resiliency. Register now!
|
|
|
CMMC 2.0 requirement reshapes contractingThe Defense Department has officially mandated Cybersecurity Maturity Model Certification 2.0 (CMMC 2.0) for all new contracts, starting a phased rollout that will require defense contractors and their supply chains to prove compliance with cybersecurity requirements. Despite years of warning, experts say confusion, misconceptions, and preparation gaps remain across the defense industrial base—especially among smaller firms—due to CMMC’s contentious history and the looming challenge of third-party assessments. As the rollout accelerates, industry players face mounting pressure to adapt, with some firms set to lose contract opportunities or exit the market entirely if they cannot demonstrate adequate cybersecurity controls. Mikayla Easley has more on DefenseScoop. |
|
|
|
Comments
Post a Comment
Please leave a comment about our recent post.