Home / News / Industry Experts Cite Concerns Over Scope, Deadlines in NDAA Provisions

Industry Experts Cite Concerns Over Scope, Deadlines in NDAA Provisions

Gordon Bitko, senior vice president for policy and public sector at the IT Industry Council, said there's an “arbitrary rush” for agencies to meet the National Defense Authorization Act's deadlines, Federal News Network reported Monday.

The NDAA requires the Department of Defense to “develop a consistent, comprehensive framework” for improving the security of the defense industrial base by February. The Cybersecurity Maturity Model Certification effort, launched last year, must be presented to lawmakers by March 11.

According to Bitko, DoD might “create a duplicative infrastructure” if it doesn’t address issues such as CMMC’s scope, its applicability to the supply chain and the feasibility of conducting certifications for thousands of vendors every three to five years.

In addition the CMMC, the NDAA also requires the Pentagon to pilot two to five projects involving “alpha contracting teams” for complex acquisitions.

Matthew Cornelius, executive director of the Alliance for Digital Innovation, said the effort will bring out the best in industry, academic and government entities if done correctly.

“These initiatives should be broadly scoped so as to allow true collaboration and technical expertise to influence better buying decisions and not bias outcomes towards a single, established entity,” he noted.

Check Also

Navy Chief Adm. Michael Gilday Asks for Higher Budget to Pursue Plans

Adm. Michael Gilday, chief of naval operations, said the U.S. Navy needs a higher budget to comply with the Trump administration's demands, Defense News reported Tuesday. He said at the Surface Navy Association's annual symposium that the service branch's Columbia-class submarine program has been taking too much a percentage of the budget.