Katie Arrington: Pentagon’s Cyber Certification Model Specifically Designed for Small Businesses

Jeff Brody
Katie Arrington

Katie Arrington, special assistant to the assistant secretary of defense for acquisition for cyber, said the Department of Defense’s new cybersecurity certification model seeks to help small businesses comply with cyber controls through a tiered rating system depending on the platforms they are asked to protect, Fifth Domain reported Tuesday.

Arrington stated that the new Cybersecurity Maturity Model Certification seeks to strengthen the security of small businesses, which are being targeted by nation state-backed cyber attacks, and level the playing field when it comes to cybersecurity.

In September, the Pentagon issueddraft version of CMMC, which establishes cyber practices and standards meant to help the defense industrial base reduce exfiltration of controlled unclassified information.

The draft CMMC v0.4 has five levels ranging from basic cyber hygiene to highly advanced practices and each level has specific practices and activities that need to be implemented by stakeholders to achieve a capability.

You may also be interested in...

Robert Wood

Robert Wood: CMS to Adopt Security-Oriented Standard for Software Bill of Materials

Robert Wood, chief information security officer at the Centers for Medicare and Medicaid Services (CMS), said that the CMS has started to lay the groundwork for how the agency incorporates a security-oriented software bill of materials into information systems, Nextgov reported Friday.