Pentagon plans to add certification controls from old CMMC model through work with NIST

By Sara Friedman / December 8, 2021 at 11:56 AM
The Pentagon will make changes to its Cybersecurity Maturity Model Certification program by working with the National Institute of Standards and Technology to revise Special Publication 800-171, according to Defense Department assessment leader John Ellis, who says DOD has plans to propose additional controls from the old CMMC model for inclusion in the next update to the key NIST publication. DOD announced major changes on Nov. 4 to align the CMMC program more closely to NIST SP 800-171, which serves...

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.

Log in to access this content.