Experts: CMMC principles buy down supply chain risk, but no guarantee against sophisticated SolarWinds-like attacks

By Sara Friedman / March 8, 2021 at 4:19 PM
Meeting the standards laid out in the Pentagon's Cybersecurity Maturity Model Certification program is a necessary start to buying down supply chain risk through establishing good cyber hygiene, but cyber experts say CMMC would not necessarily have helped contractors detect or prevent exposure to the SolarWinds attack. The CMMC program's current focus is on level three, which establishes a cyber regime around controlled unclassified information. Inside Cybersecurity spoke with attorneys about the benefits of CMMC for the defense industrial...

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.

Log in to access this content.