Coronavirus Will Not Delay Pentagon’s Contractor Cybersecurity Program, Official Says

Coronavirus Will Not Delay Pentagon’s Contractor Cybersecurity Program, Official Says

The Defense Department officially entered into an agreement with the nonprofit corporation that will serve as the accreditation body for its Cybersecurity Maturity Model Certification program, the chief information security officer for the department’s acquisition office confirmed. 


“Yesterday the CMMC accreditation body made a public post that we have executed the [memorandum of understanding],”  said Katie Arrington, who is spearheading the program and participated in a webcast on the issue Thursday. 


A resolute Arrington sought to quash any idea that the government’s efforts to contain the coronavirus pandemic would delay the Defense Department’s plan to validate contractors’ cybersecurity claims using independent third-party auditors. 


“We, all of us that are mission-essential, have been working on COVID-19, but,” she said, “although we are working diligently to ensure we are doing our best in the Department of Defense to save lives, work does continue and we are not slowing our roll at all.”


Arrington and other webinar participants noted the extensive impact the CMMC is expected to make across the federal government, its contractors and international partners.


The CMMC standard is built primarily on National Institute of Standards and Technology Special Publications such as 800-171 and 800-53, to which defense contractors have so-far been self-attesting their compliance. But, as Arrington said, the CMMC is augmented by standards used in the United Kingdom, Australia and the European Union.


“We didn’t want to create something, a unified standard for maturity, that wasn’t inclusive of everything that we could possibly find,” Arrington said.


The need for a unified standard tracks with global conversations about cybersecurity, said Norma Krayem, vice president and ..

Support the originator by clicking the read the rest link below.