Final Rule Authorizing CMMC Req’s for DoD Contracts Takes Effect; Katie Arrington Quoted

Final Rule Authorizing CMMC Req’s for DoD Contracts Takes Effect; Katie Arrington Quoted
Katie Arrington DoD

A rule finalizing the Department of Defense’s (DoD) implementation of Cybersecurity Maturity Model Certification (CMMC) requirements in DoD contracts has taken effect following delays due to the COVID-19 pandemic, FedScoop reported Tuesday. The DoD first published the CMMC requirements in early 2020.

The Defense Federal Acquisition Regulation Supplement (DFARS) rule change finalizes the requirement for contractors to pass CMMC assessments based on five levels of cyber maturity. Information on contractor assessments will be housed in the Enterprise Mission Assurance Support Services database, according to DoD officials.

Katie Arrington, chief information security officer of defense for acquisition and sustainment and a 2020 Wash100 Award recipient, said at an AFCEA event that the Pentagon plans to issue a press release on contracts that will initially require CMMC certification.

The Pentagon plans to enact a five-year rollout plan for the CMMC effort to help contractors prepare for assessments and secure certification, according to the report.

You may also be interested in...

Anthony Iasso

Anthony Iasso Named Xator CTO; CEO David Scott Quoted

The Xator Corporation announced on Friday that Anthony Iasso has been appointed the company’s new chief technology officer. Xator CEO David Scott elaborated that Iasso would take advantage of Xator’s key investments in the company’s acquisitions and tech capabilities to further propel its solution offerings for its customers.