The Defense Department anticipates that by next year 7,500 companies in its industrial base will hold certifications that they meet new cybersecurity requirements.
The Cybersecurity Maturity Model Certification version 1.0 requirements are part of the Pentagon’s push to protect industrial base networks and controlled unclassified information from cyber attacks. The CMMC rules will require contractors to be certified by third-party auditors, which will ensure that contractors are adhering to certain standards. Organizations will be required to meet different levels of security requirements depending on the type of work they are doing, with level 1 being the least burdensome and level 5 the most stringent.
An “estimated 7,500 companies will be certified in 2021,” Katie Arrington, chief information security officer in the office of the undersecretary of defense for acquisition and sustainment, said during a webinar hosted by cybersecurity company Celeruim “That doesn’t seem like a lot but if you think about the interconnectivity of the [defense industrial base] it’s a certification that’s good for all DoD contracts for three years.”
By 2026, all solicitations are expected to include CMMC standards that companies must meet if they want to do business with the Pentagon.
Keep reading this article at: https://www.nationaldefensemagazine.org/articles/2020/7/23/pentagon-expects-7500-companies-cmmc-certified-by-2021
