An accreditation body facilitating implementation of the Pentagon’s Cybersecurity Maturity Model Certification (CMMC) version 1.0 has opened up training for third-party auditors, according to an official.
The upcoming cyber requirements are a reflection of the Pentagon’s push to protect defense industrial base networks and controlled unclassified information from cyber attacks. The CMMC rules will require contractors to be certified by third-party auditors, which will ensure that companies are adhering to certain standards. As the initiative is phased in, contractors will have to meet different levels of security depending on the work they are performing, with level 1 being the lowest and level 5 the most stringent.
“We are busy doing pathfinders in the DoD. We are getting ready to launch our pilots,” Katie Arrington, chief information security officer in the office of the undersecretary of defense for acquisition and sustainment, said June 24 during a webinar hosted by cybersecurity company PreVeil. “The Accreditation Body opened the door for training registration for [certified third-party assessor organizations] two days ago.”
The CMMC Accreditation Body was set up to train organizations conducting CMMC compliance assessments on behalf of the Pentagon.
Keep reading this article at: https://www.nationaldefensemagazine.org/articles/2020/6/24/pentagon-to-begin-training-thirdparty-cmmc-auditors