The Big Blog

David R. Shedd didn’t come to the conversation as a commentator. He came as a former Deputy Director and Acting Director of the Defense Intelligence Agency, someone who spent a career watching adversaries play the long game. In a recent virtual discussion with CSIS’s Dr. Seth G. Jones, Shedd walked through the core argument of his new book, The Great Heist: China’s Epic Campaign to Steal America’s Secrets : over the last few decades, China has executed a structured campaign

Why Self-Built CMMC Enclaves Fail In the world of defense contracting, achieving compliance with the Cybersecurity Maturity Model Certification (CMMC) is essential for handling Controlled Unclassified Information (CUI). A key component in this process is the CMMC enclave—a secure, isolated environment designed to protect CUI from unauthorized access and cyber threats. However, many organizations, particularly small and medium-sized enterprises (SMEs), opt to build their own C

In the defense and national-security world, few compliance topics create more confusion—or more unintentional violations—than Controlled Unclassified Information (CUI) and the International Traffic in Arms Regulations (ITAR). Both involve sensitive information. Both impose strict requirements. Both can burn your organization to the ground if mishandled.