DOD Encourages Self Assessments in Preparation for CMMC Cybersecurity Program's Further Implementation

The Department of Defense advises companies to first assess themselves for compliance with the Cybersecurity Maturity Model Certification (CMMC) requirements, as certified CMMC assessors are still not ready to audit for the program, FedScoop reported Wednesday.

Stacy Bostjanick, a DOD official working on CMMC, said companies looking to receive early CMMC approval may first test their own network security, while no existing certified third-party assessor organization or C3PAO is prepared to conduct assessments.

Bostjanick noted that she expects several C3PAO companies to have completed the needed accreditation by early summer. Kratos Defense and Security Solutions is among the first few companies that have received accreditation to become a C3PAO.

The five-tier CMMC model is made to standardize the security controls of controlled unclassified information within the defense industrial base.

Tags:

cmmc
Cybersecurity
cybersecurity maturity model certification
Defense Department
DoD
Executive Mosaic
ExecutiveGov
featured
govcon
govcondaily
kratos defense and security solutions
news
press releases
stacy bostjanick

DOD Encourages Self Assessments in Preparation for CMMC Cybersecurity Program’s Further Implementation

X Development, DIU Prototyping AI-Powered Disaster Response Awareness & Analysis Technology

CISA & Partner Agencies Issue Guidance on Defending US Election Infrastructure Against Foreign Influence Threats

SpaceWERX, Aerospace Corporation Launch Tech Advancement Initiative for Small Businesses