The organization would be responsible for running the department’s Cybersecurity Maturity Model Certification.
The Defense Department is looking to stand up a nonprofit organization to measure the strength of its contractors’ cybersecurity practices.
The group would be responsible for running the vendor accreditation process under the Pentagon’s new Cybersecurity Maturity Model Certification, or CMMC. The framework, which was released in draft form last month, will serve as a yardstick for determining if contractors are taking sufficient steps to protect the sensitive military data that resides on their networks.
The certification process is intended to push the Pentagon’s extensive network of vendors to strengthen their digital defenses, or at least adopt protections that are appropriate for the sensitivity of their work. The program comes adversaries like China increasingly target defense contractors to steal military secrets.
Keep reading this article at: https://www.nextgov.com/cybersecurity/2019/10/pentagon-standing-nonprofit-assess-vendor-cybersecurity/160425/