Katie Arrington: Pentagon’s Cyber Certification Model Specifically Designed for Small Businesses

Jeff Brody
Katie Arrington

Katie Arrington, special assistant to the assistant secretary of defense for acquisition for cyber, said the Department of Defense’s new cybersecurity certification model seeks to help small businesses comply with cyber controls through a tiered rating system depending on the platforms they are asked to protect, Fifth Domain reported Tuesday.

Arrington stated that the new Cybersecurity Maturity Model Certification seeks to strengthen the security of small businesses, which are being targeted by nation state-backed cyber attacks, and level the playing field when it comes to cybersecurity.

In September, the Pentagon issueddraft version of CMMC, which establishes cyber practices and standards meant to help the defense industrial base reduce exfiltration of controlled unclassified information.

The draft CMMC v0.4 has five levels ranging from basic cyber hygiene to highly advanced practices and each level has specific practices and activities that need to be implemented by stakeholders to achieve a capability.

You may also be interested in...

Maria Roat

Maria Roat on Federal CIO Council’s Data-Sharing Priorities

Maria Roat, deputy federal chief information officer and a 2020 Wash100 Award recipient, has said the Federal CIO Council seeks to make investments in identity and access management as well as data-sharing protocol updates. Roat said that the council seeks to improve data-sharing across systems that handle large volumes of critical information such as the Department of Health and Human Services’ HHS Protect.