The Department of Defense advises companies to first assess themselves for compliance with the Cybersecurity Maturity Model Certification (CMMC) requirements, as certified CMMC assessors are still not ready to audit for the program, FedScoop reported Wednesday.
Stacy Bostjanick, a DOD official working on CMMC, said companies looking to receive early CMMC approval may first test their own network security, while no existing certified third-party assessor organization or C3PAO is prepared to conduct assessments.
Bostjanick noted that she expects several C3PAO companies to have completed the needed accreditation by early summer. Kratos Defense and Security Solutions is among the first few companies that have received accreditation to become a C3PAO.
The five-tier CMMC model is made to standardize the security controls of controlled unclassified information within the defense industrial base.
Related Articles
The U.S. Army has signed new rapid prototype other transactional authority, also known as OTA, agreements with General Dynamics Mission Systems and Pacific Defense to build a chassis that would enable soldiers to plug and play capabilities into military vehicles. Plug-and-Play Capabilities The technology is dubbed CMFF, which is short for Command, Control, Computers, Communications, Cyber, Intelligence, Surveillance and Reconnaissance/Electronic Warfare Modular Open Suite of Standards Mounted Form Factor. It offers both hardware and software designed to converge multiple legacy systems into one chassis in ground and aviation platforms. CMFF is equipped with power, networks and radio frequency to support
The United Kingdom’s National Cyber Security Centre, in partnership with the Cybersecurity and Infrastructure Security Agency, the FBI and other international partners, has published new joint guidance aimed at helping organizations secure their operational technology environments. The document, titled “Creating and Maintaining a Definitive View of Your Operational Technology Architecture,” builds on the recent Foundations for OT Cybersecurity: Asset Inventory Guidance and provides actionable steps to strengthen defenses against cyberthreats, CISA said. CISA is a DHS agency. Potomac Officers Club’s 2025 Homeland Security Summit offers an inside look at the latest programs, technologies and strategies shaping America’s defense against evolving
The National Oceanic and Atmospheric Administration has tapped Raytheon for a mission design and feasibility study on weather imagery capabilities under its Near Earth Orbit Network, or NEON, Stratus project. The company will conduct the Stratus critical design review study under an other transaction agreement NOAA signed with Raytheon valued about $5.9 million, the agency said Friday. Raytheon’s CDR study will focus on a U.S. Space Force design adapted to NOAA’s requirements for Stratus. Under NEON, low-Earth orbit environmental satellites will be launched for weather forecasting, environmental observation and public safety. The program also seeks to demonstrate faster data delivery