Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock () or https://means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Welcome to the CyberGeek blog — your one stop for the latest news and insights on cybersecurity and privacy at CMS.
Loading posts...
CRC forum shares updates on CMS cybersecurity efforts, highlighting platform improvements, visibility gains, and user‑driven enhancements across the enterprise.
CMS boosts cybersecurity with CrowdStrike EDR and Tenable One, improving threat detection, visibility, and alignment with federal requirements.
CRM PMO and RDI enhance Cyber Risk Management Operations by automating key workflows, improving data integrity, compliance, and operational efficiency.
Learn the cyber essentials that will prevent critical breaches, eliminate misconfigurations, and build lasting, verifiable security with a Zero Trust approach.
CMS's ISPG offers a variety of 2026 training and events to help all personnel level up their cybersecurity awareness and build practical skills.
The System and Communications Protection (SC) control family is a core component of the CMS cybersecurity program. It safeguards how information is transmitted,
A vishing attack exposes modern Medicare scams that use AI to turn trust into theft.
Learn how to properly manage data quality in order to smooth the path to CDM onboarding and ensure that CMS systems and end users are protected.
CMS’s Access Control (AC) program helps protect sensitive systems and information by managing how access is requested, approved, granted, monitored, and removed
NIST's new co-developed SP 1800-44A DevSecOps framework marks a shift in federal cybersecurity guidance, with pros and cons noted by the industry
