Pentagon outlines new Cybersecurity certification models for contractors

0

US Department of Defense(DoD) widely known as Pentagon has come up with a set of Cybersecurity Certification models for contractors and subcontractors to bring in the best set of Cybersecurity practices into the pipeline.

Pentagon has ensured that its new set of guidelines will set the stage for a broader, more intricate journey to well-recognize the supply chain network related to defense.

Early this week, the DOD released a new set of draft-line for the Cybersecurity Maturity Model Certification (CMMC) to channelize the legal framework for the current set of cyber demands.
The draft will be available for the public to access till Sept 25 this year to suggest any changes or situations rising for the new set of the framework.

“So, from now on any contractor/sub-contractor including all those 300,000 already on board will be required to get certified for their work before anything big will be entrusted to them,” said Katie Arrington, CIO, DoD.

Arrington added that the model covers over 18 domains based on 5 levels which meet all vectors specified by the National Institute of Standards and Technology (NIST).

Readers of Cybersecurity Insiders are hereby notified that security researchers from John Hopkins University, Carnegie Mellon University and members belonging to the Defense Industrial Base Sector Coordinating Council and Defense Industrial Association have also offered inputs for framing the certification model of DOD.

By Jan next year, the CMMC certification will be made mandatory for all contractors dealing with the defense projects. And the model is expected to go live from June’19.

Pretty soon, the Pentagon might also formulate a new set of guidelines to the supply chain companies working for US Defense projects.