The Cybersecurity Maturity Model Certification regulations were created by the Department of Defense to strengthen cybersecurity in the supply chain of the Defense Industrial Base and Version 1.0 was released on Jan. 31.
Defense contractors have continued to make changes and advance regulations internally to prepare for the new model. For example, Summit 7 Systems has expanded its Cybersecurity Practice Area with software and services to prepare defense and aerospace contractors for compliance with the new CMMC regulations.
Summit 7 Systems has integrated Microsoft's Office 365 GCC High and Azure Government Cloud Platforms to expand security measures and prepare for third party audits.
The new CMMC regulations eliminate self-certification of compliance, and DIB Contractors will be required to undergo 3rd-party audits of their information technology systems and cybersecurity policies by independent assessment companies trained in CMMC regulations to receive a CMMC compliance level ranging from Level 1 to Level 5.
Katie Arrington, CISO for Assistant Secretary for Defense Acquisition and 2020 Wash100 Award recipient, stated, “Our adversaries are working hard every day to exfiltrate, hack, and breach our supply chain. CMMC is about creating critical thinking skills for Cybersecurity, and not another checklist. I don't want to lose a single supplier, but the culture of the DoD has changed and cyber best practices are now mandatory.“
Arrington will serve as a keynote speaker at the CMMC Forum 2020. She will address the CMMC's timeline, how the certification process could change and will provide a memorandum of understanding with a newly established CMMC accrediting body.
A full expert panel will include Ty Schieber, senior director of executive education and CMMC-AB chairman of the University of Virginia and Richard Naylor of the Defense Counterintelligence and Security Agency (DCSA) among other members of the federal sector and industry.
Register here to join Potomac Officers Club for its CMMC Forum 2020 on April 2nd to learn about the impact DoD's CMMC will have on cybersecurity practices, supply chain security and other aspects of the federal market.