Defense primes seek details from subcontractors on initial compliance steps with DOD's new cyber regime

By Sara Friedman / December 7, 2020 at 11:16 AM
The Pentagon's approach to making cybersecurity a foundational part of acquisition is mandating new compliance requirements for the defense industrial base, which could potentially create a division between primes and subcontractors when it comes to information sharing. An interim rule went into effect on Nov. 30 setting up the requirements for the Defense Department's Cybersecurity Maturity Model Certification program, which will be rolled out over a five-year period. In the interim, contractors who handle controlled unclassified information will need to...

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.

Log in to access this content.