Katie Arrington

The Defense Department signed its agreement with the CMMC Accreditation Board, kicking off the training for third-party assessors and the release of the necessary documents to help vendors prepare to meet the standards.

Vendors are waiting for the Defense Department to release more details, including the proposed acquisition rule, about how it will apply the new Cybersecurity Maturity Model Certification starting this year.

Tim Li, principal at Deloitte, joins host John Gilroy on this week’s Federal Tech Talk to talk abouts Zero Trust, cybersecurity, and how federal agencies can incorporate best practices for identity management.

The Pentagon published the 1.0 version of its Cybersecurity Maturity Model Certification program on Friday after several months of listening sessions on draft editions. CMMC will make its way into Defense contracts later this year.

With the Cybersecurity Maturity Model Certification accreditation board set up, the Pentagon expects to release version 1 of the cyber standards on Friday that will kick off the effort in earnest.

A draft version of the Defense Department’s Cybersecurity Maturity Model Certification, an assessment designed to measure and monitor cybersecurity practices of its contractors, is open for public comment.

The Pentagon hopes to pick a nonprofit organization to oversee its new Cybersecurity Maturity Model Certification program by January, with CMMC being applied to at least some new contracts by next summer.

As part DoD’s move to shore up its supply chain, the Pentagon is developing with industry and other experts a new cybersecurity maturity model that is borrowing from standards like ISO 9000.