The Pentagon hopes to pick a nonprofit organization to oversee its new Cybersecurity Maturity Model Certification program by January, with CMMC being applied to at least some new contracts by next summer.
As part DoD’s move to shore up its supply chain, the Pentagon is developing with industry and other experts a new cybersecurity maturity model that is borrowing from standards like ISO 9000.
Leslie Weinstein, an Army Reserve officer and consultant for DoD, explains why the Pentagon should follow other sectors and use experts to ensure vendors are meeting cyber requirements.
In a recognition that smaller firms don’t have the infrastructure to defend themselves against sophisticated attacks, DoD will experiment with a secure cloud approach to defending sensitive information.
Starting this week, the Air Force says it wants to introduce new participants into its supplier base where it will sign one-page contracts with small businesses.
Among the options the Pentagon is considering: Conducting its own assessments of whether subcontractors are meeting new requirements to comply with NIST.
A deep-dive study from October on the defense industrial base didn’t get a lot of attention, but Wisconsin Republican Mike Gallagher was among the members of Congress who noticed.
Corbin Evans, director of regulatory policy at the National Defense Industrial Association, joined Federal Drive with Tom Temin for some initial impressions from the study.
The report identifies five macro forces that influence 10 risk archetypes, each of which represents a threat to the stability and security of the defense industrial base.
The Voice of America has fired or proposed to terminate 15 individuals following investigations that found the individuals had accepted improper payments from a foreign official.