Assessors for the new cybersecurity standard for Department of Defense (DoD) contractors have not yet been selected, but a Department of Homeland Security (DHS) official praised DoD’s efforts and said his department is looking toward their example.
The Cybersecurity Maturity Model Certification (CMMC) is DoD’s vehicle for shoring up the cybersecurity of the roughly 300,000 contractors in the defense industrial base. The assessors for the program won’t be trained until later this summer, but DoD is planning on putting the standard into contracts this year.
“It’s been one of the most impressive efforts done by the U.S. government,” said Bob Kolasky, assistant director at DHS’ Cybersecurity and Infrastructure Security Agency’s (CISA) National Risk Management Center (NRMC), of the CMMC. “It really has the potential to change practices across the defense industrial base supply chain.”