Hubbard Radio Washington DC, LLC. All rights reserved. This website is not intended for users located within the European Economic Area.
On Air: Federal News Network
DHS lays out new ‘cybersecurity readiness’ metrics for contractors
The Department of Homeland Security will use a “cybersecurity readiness” assessment to evaluate whether contractors have appropriate cyber defenses in place prior to making contract awards.
DHS published the details of the new “cybersecurity readiness evaluation factor” in a Nov. 1 notice signed by Kenneth Bible, DHS’ chief information security officer, and Sarah Todd, DHS’ executive director of acquisition policy and legislation.
The notice confirms DHS’ plan to use its own approach for evaluating contractor cybersecurity rather than adopting the Defense Department’s Cybersecurity Maturity Model Certification (CMMC) program.
“It is the department’s intention to ensure that effective and appropriate cybersecurity measures are in place by vendors supporting work where such measures are necessary,” the DHS officials write in the new notice. “This new evaluation factor will enable DHS to evaluate vendors’ cybersecurity posture pre-award for applicable contracts to inform a best value tradeoff award decision.”