Small businesses are increasingly being targeted digitally by nation states, according to Department of Defense officials, who say more must be done specifically to evaluate and reinforce the security of contractors battling cyberattacks.
“We’re losing,” said Katie Arrington, special assistant to the assistant secretary of defense for acquisition for cyber within the office of the undersecretary of defense for acquisition and sustainment, speaking Oct. 7 at an AFCEA-hosted event.
Arrington explained that adversaries cost the country $600 billion a year and that, with 5G on the horizon, that amount must be multiplied by “umpteenth” in 2025 given the near-unlimited bandwidth for cyber campaigns technology promises. As a result, Arrington said, the forthcoming cybersecurity maturity model certification (CMMC) was designed specifically for small businesses.
What does state-of-the-art cybersecurity look like to the Pentagon?
The Department of Defense is cracking down on contractor cybersecurity.
By: Mark Pomerleau
The CMMC is a framework that grades company cybersecurity on a scale of one (least secure) to five (most stringent). What small businesses will be asked to do is comply with a tiered rating system depending on the systems they’ll be working on.
What this means is if a company is working on janitorial services, they may only need to comply with level 1 of CMMC as opposed to level 3, which is equivalent to NSIT 800-171 regulations, or level 4 that is reserved for exquisite systems.
In the past, there was a two-tiered system for small businesses to be compliant, A ..
Support the originator by clicking the read the rest link below.
