VIDEO: CORA Updates – It’s More Than a Name Change!

Established in 2010 by DISA, the Command Cyber Readiness Inspection (CCRI) was known to cause sweat to break out on the brows of cybersecurity professionals throughout the DoD. This rigid assessment was a DoD-led formal inspection to assure accountability and the security posture of DoD Information Networks according to DoD standards.

The inspection could come at any time—with or without warning. And it included having your NIST/STIG cyber compliance examined, your records reviewed, your network vulnerabilities assessed, your physical security analyzed, and your people observed as they work.

In March 2024, the DoD renamed the program. Today, it’s called the Cyber Operational Readiness Assessment (CORA). But the name isn’t all that has changed.

While both CCRI and CORA verify and strengthen cybersecurity compliance with DoD orders and directives, there are some subtle shifts that are worth noting.

CORA reflects a shift in focus from CCRI’s inspection compliance to CORA’s operational readiness posture. It’s a nuance that impacts both the assessments themselves and the way agencies perceive and prepare for the visits.

At 2024’s AFCEA TechNet Cyber, DoD leaders said technologies like automation and AI will play a role in implementing CORA and improving its effectiveness. SteelCloud paves the way for automating many steps along the way to achieving success in the CORA process.

Watch the video to learn more: