The Defense Department is working on a no-cost contract with the independent authority that oversees the accreditation process for its Cybersecurity Maturity Model Certification program.
Thursday, May 2, 2024
Thursday, May 2, 2024
Key Issues Budget 'parity' Summer CUAS demo EW in Ukraine
The Defense Department is working on a no-cost contract with the independent authority that oversees the accreditation process for its Cybersecurity Maturity Model Certification program.
A leading professor at the Defense Acquisition University is urging Defense Department commands and acquisition offices to hold off on adding requirements related to the Pentagon's cyber certification program into their contract opportunities.
Members of the Cyberspace Solarium Commission are urging Congress to consider expanding the Pentagon's Defend Forward strategy to review the current state of military cyber capabilities and incorporate new ways to engage with the defense industrial base.
The Defense Department has issued guidance for its procurement units on how to process and review waiver requests for contractors who wish to continue using banned equipment and services from Chinese companies Huawei and ZTE.
Booz Allen Hamilton is working with clients and its own subcontractors to help prepare for the Pentagon's Cybersecurity Maturity Model Certification program through identifying gaps and assisting with remediation.
The independent accreditation body behind the Pentagon's Cybersecurity Maturity Model Certification program has formally opened up applications for a range of certifications, after a month-long soft launch which generated approximately 300 organization and 775 individual registrations.
The Defense Department is expected to publish a proposed acquisition rule in July that is needed to implement the Cybersecurity Maturity Model Certification program, according to a DOD official, although it's unclear whether a planned public hearing will be held on the proposal.
The Defense Department has issued an interim rule to ban contractors who use equipment and services from Chinese companies Huawei and ZTE from obtaining government contracts.
The General Services Administration has released a final request for proposals for small businesses that want to provide IT services to agencies that could have lasting repercussions for contractors wanting to do business with the Defense Department and civilian agencies, according to a leading contract lawyer.
The National Institute of Standards and Technology has released a new draft to guide the Defense Department on how to define controlled unclassified information requirements for industry, in line with the maturity levels of the Pentagon's cyber certification program.
The Cyberspace Solarium Commission is advocating for getting up to 20 recommendations from the group's report included in this year's defense policy bill, according to commission Executive Director Mark Montgomery, who says the creation of a national cyber director and a Joint Cyber Planning Cell within the Cybersecurity and Infrastructure Security Agency are among the top priorities.
The Army is looking for industry solutions that are able to meet requirements of the Cybersecurity Maturity Model Certification program in a solicitation for its Assault Breacher Vehicle Remote Control System program, months ahead of when the first Defense Department contract solicitations with CMMC language will be released.
More work is needed to define the policies and procedures behind the Pentagon's Cybersecurity Maturity Model Certification program that go beyond a memorandum of understanding with its accreditation body, according to a leading tech industry association.
Roles and responsibilities of the Defense Department and the accreditation body for its Cybersecurity Maturity Model Certification program are detailed in a memorandum of understanding released this week, which spells out how government will work with industry to conduct cyber verification assessments for the defense industrial base.
The Defense Department provided new details this week on the memorandum of understanding with an independent accreditation authority that will certify companies under the Cybersecurity Maturity Model Certification program.
The independent accreditation body for the Pentagon's Cybersecurity Maturity Model Certification program is collecting information from potential vendors who are able to provide a platform for assessors to take their exams for certification.
The Cybersecurity Maturity Model Certification Accreditation Body is developing standards for assessment that are adaptive to changes made to "source documents" coming from the Defense Department, according to CMMC AB board member Regan Edens.
The accreditation group for the Pentagon's Cybersecurity Maturity Model Certification program says details released on its provisional program for auditors and assessors were published "inadvertently" on its website, and crafting the requirements and application details for the program is still in process.
The independent accreditation body developing standards for auditors and assessors under the Defense Department's Cybersecurity Maturity Model Certification program has circulated information on how the provisional program will work, including fees and an initial structure for the selection process for third-party assessors.
The Pentagon is moving aggressively under its cybersecurity certification program to create a framework and structure for contractors, vendors, and suppliers to get up to speed on what they will need to do to get certified, according to a top Defense Department official, but the process of changing acquisition rules to make the program effective could be delayed.