Katie Arrington, 2020 Wash100 Award recipient and the chief information security officer for the Department of Defense (DoD) acquisition, stated that training of third party assessors for the Cybersecurity Maturity Model Certification (CMMC) program was slated to start in mid-April, but the coronavirus (COVID-19) outbreak may affect the projected implementation.
"Everything was on schedule; I have no idea how this is going to impact things. I don't know if it will, I don't know if it won't because we were doing online training in some cases," Arrington said. DoD previously said the training would take place from January to June.
Arrington noted that DoD has announced that the department will stay as close to on schedule as possible while respecting health concerns. The training may implement remote training via webinars and live streams.
The first version of CMMC was released in January with its independently-assembled accreditation body selecting a chair and standing up soon after. The CMMC Accrediting Body is now developing the curriculum for third party assessors and structuring itself to tackle issues surrounding the cyber standards governance and implementation.
Ellen Lord, DoD's head of acquisition, also warned businesses of people claiming to be CMMC assessors, which have not been finalized. "Moving forward I am confident we will soon sign a Memorandum of Understanding with the Cybersecurity Maturity Model Certification Accreditation Body on the accreditation, certification and approval processes relating to the Defense Supply Chain. When that happens we will make an announcement."
That date could be soon, according to Arrington concluded that deliberation had been finalized and the memo is "in queue to be signed" by Lord.
Arrington will serve as a keynote speaker at the CMMC Forum 2020. She will address the CMMC’s timeline, how the certification process could change and will provide a memorandum of understanding with a newly established CMMC accrediting body.
A full expert panel will include Ty Schieber, senior director of executive education and CMMC-AB chairman of the University of Virginia and Richard Naylor of the Defense Counterintelligence and Security Agency among other members of the federal sector and industry.
Register here to join Potomac Officers Club for its CMMC Forum 2020 to learn about the impact DoD’s CMMC will have on cybersecurity practices, supply chain security and other aspects of the federal market.