If you're a defense contractor or part of the Defense Industrial Base (DIB), your SPRS score isn’t just a number; it’s a gatekeeper to federal contracts. With the Cybersecurity Maturity Model Certification (CMMC) program gaining traction, understanding your Supplier Performance Risk System (SPRS) score is critical to maintaining contract eligibility and securing future opportunities.

You may have recently received an email from Microsoft announcing the upcoming discontinuation of the Microsoft 365 Business Premium and Office 365 E1 “Grant” licensing, which is provided directly by Microsoft at no cost.  Existing Microsoft 365 Business Premium and Office 365 grant recipients can continue service through their next renewal on or after July 1, 2025. 

As CMMC (Cybersecurity Maturity Model Certification) edges closer to becoming a contract requirement across the board, many defense contractors are still wrestling with a foundational question: What will CMMC compliance really cost us? And perhaps more importantly—how do we budget for it effectively when there's still so much uncertainty?

Fortinet has announced a critical vulnerability surrounding FortiSwitch Firmware. The vulnerability is related to the switch's password change function. An unauthenticated attacker with access to the GUI could modify passwords via specially crafted requests.  

Cybersecurity threats continue to rise in both volume and sophistication and for credit unions, the stakes are especially high. In response, regulatory oversight has intensified as the National Credit Union Administration (NCUA) has named cybersecurity its top supervisory priority for 2025. Credit unions—particularly those with limited internal IT capacity—must

Statewide challenge is a key experience in developing Maine’s workforce.

For nearly a decade, the Federal Financial Institutions Examination Council (FFIEC) Cybersecurity Assessment Tool (CAT) has been an important tool for many financial organizations assessing cybersecurity risks. It has provided a standardized way to evaluate both inherent risks and cybersecurity maturity. However, as cyberthreats evolved, the CAT struggled to keep pace. The tool's static nature meant updates were infrequent, leaving credit unions with outdated guidance in a rapidly changing environment.