Katie Arrington of the Department of Defense said DoD’s move to come up with a new cybersecurity certification model seeks to get a better oversight of the defense supply chain, Federal News Network reported Thursday.

DoD issued on Wednesday a draft version of the Cybersecurity Maturity Model Certification, which establishes cyber standards and practices meant to help the defense industrial base reduce exfiltration of controlled unclassified information.

“Every company within the DoD supply chain — not just the defense industrial base, but the 300,000 contractors — are going to have to get certified to do work with the Department of Defense,” Arrington, chief information security officer for DoD’s office of the assistant secretary of defense for acquisition, said at the Intelligence and National Security Summit.

Arrington cited the Pentagon’s use of the cybersecurity framework to facilitate discussions about the defense supply chain.

“We get everyone on a level-set playing field for cybersecurity, and then we can really start looking at our supply chain, where our most and greatest vulnerabilities lie and how we can work together in a collaborative event with industry,” she said.

Arrington said she sees the model as a way to shift from disparate requirements toward a framework focused on securing the defense supply chain.

The draft CMMC v0.4 has five levels ranging from basic cyber hygiene to highly advanced practices and consists of 18 domains, including access control, asset management and incident response.

Public comments on the draft model are due Sept. 25.

Grant Schneider, federal chief information security officer, said China is considered to be the biggest threat to the U.S. in the cyber space domain, The Hill reported Wednesday.

China is “an adversary that has displayed their intent, has clear means to get into and attack our critical infrastructure systems, our government systems, you name it, both from an intellectual property theft point of view, as well as an espionage point of view,” he said at the Billington Cybersecurity Summit in Washington.

His statements come amid the current administration’s trade dispute with China, stemming from national security concerns associated with Chinese telecommunications firm Huawei.

Anne Neuberger, who directs the National Security Agency’s new Cybersecurity Directorate, spoke about the upcoming elections’ vulnerability to ransomware attacks, The Hill reported Wednesday.

The newly formed directorate will focus efforts on ransomware in general, Neuberger said at Billington CyberSecurity’s 10th annual summit that takes place from Wednesday to Thursday. NSA will formally launch the new directorate this October.

Ransomware blocks users from computer access via encryption until a certain amount of money is paid. Recent cases of ransomware have been occurring in cities across the country.

Neuberger also talked about the directorate’s efforts to protect the nation from cyber threats led by adversaries such as China, Russia, North Korea and Iran.

Bobby Duffy, special IT advisor to the Department of Homeland Security’s Office of Inspector General, said that the department seeks to address cost, billing and security issues related to commercial cloud implementation, FCW reported Wednesday.

Duffy told attendees at the Advanced Technology Academic Research Center’s meeting for the new Federal Cloud and Infrastructure Working Group in Washington, D.C. that billing has become a challenge as DHS plans to transition more operations to the cloud by the end of fiscal year 2019. The department has already migrated 10 percent of its applications so far, according to Duffy.

Gerald Caron, director of enterprise network management at the Department of State, added that he wants to implement action plans on addressing matters such as international data centers, internet connection regulations and telecommunications requirements as the department continues to work on its cloud issues.

Duffy and Caron’s comments come as the new ATARC working group begins its efforts to address a range of cloud implementation challenges.

Will Roper, assistant secretary of the Air Force for acquisition, technology and logistics, has said that creating a Space Force may lead to reorganization issues at the service branch, Space News reported Wednesday. The Senate’s 2020 National Defense Authorization Act, which mandates the establishment of a Space Force, also directs the appointment of a standalone acquisition executive for space programs to ensure that proper attention is given to space programs.

Roper, a 2019 Wash100 winner, told the publication at a Defense News conference in Arlington, Va. that the reorganization of the Air Force acquisition office may create cost and inefficiency issues.

“I try to provide useful advice and let Congress make its choice,” he said. “Whatever the choice is, we’re ready to fully support.”

According to Roper, having separate offices and leaders for air and space programs would result in management difficulties and “end up making space a second class citizen.” He added that the move would significantly impact multidomain programs that require interoperability between air and space capabilities.