Tag Archives: katie arrington

Katie Arrington: CMMC Requirements Open to Changes as DoD Factors in Public Comments

Katie Arrington

Katie Arrington, chief information security officer at the office of assistant secretary of defense for acquisition and a 2020 Wash100 Award winner, said the requirements and other elements of the Cybersecurity Maturity Model Certification program could still change as the Department of Defense assesses the public comments submitted through the end of November, Nextgov reported Wednesday.

Read More »

Katie Arrington on Pentagon’s New Agreement With CMMC Accreditation Body

Katie Arrington

Katie Arrington, chief information security officer at the office of assistant secretary of defense for acquisition and a 2020 Wash100 Award winner, said the Department of Defense (DoD) is close to signing a new agreement with the Cybersecurity Maturity Model Certification (CMMC) Accreditation Body responsible for training auditors for the CMMC program.

Read More »

Katie Arrington: DoD Should Transform Workforce Culture Around DevSecOps

Katie Arrington

Katie Arrington, chief information security officer at the office of assistant secretary of defense for acquisition and a 2020 Wash100 Award winner, said the Department of Defense (DoD) should step up efforts to change the workforce culture around DevSecOps. She noted that DoD should educate its personnel about DevSecOps and cited how the department’s Adaptive Acquisition Framework could help advance DevSecOps adoption.

Read More »

Rule Change to Include CMMC Requirements in Contracts On Track; Katie Arrington Quoted

Katie Arrington

The Department of Defense (DoD) is on track with the final step to begin integrating Cybersecurity Maturity Model Certification (CMMC) requirements into contracts. The full CMMC program will be implemented over a period of five years and the Pentagon said contractors should expect to see such requirements in a few contracts by the end of 2020.

Read More »

DoD Formalizes Nonprofit Board’s Authority to Certify Third-Party Cybersecurity Assessors

dod-formalizes-nonprofit-boards-authority-to-certify-third-party-cybersecurity-assessors

Ty Schieber, chairman of the Cybersecurity Maturity Model Certification accreditation board, said the Department of Defense has granted the nonprofit group formal authority to select third-party assessment organizations that will audit companies' CMMC compliance, FedScoop reported Thursday.

Read More »

How COVID-19 Outbreak Affects DoD CMMC Implementation; Katie Arrington Quoted

blank

Katie Arrington, 2020 Wash100 Award recipient and the chief information security officer for the Department of Defense (DoD) acquisition, stated that training of third party assessors for the Cybersecurity Maturity Model Certification (CMMC) program was slated to start in mid-April, but the coronavirus (COVID-19) outbreak may affect the projected implementation. 

Read More »

A Look Into CMMC Maturity Framework and its 5 Levels

blank

In January, the U.S. Department of Defense released Version 1.0 of its Cybersecurity Maturity Model Certification framework (CMMC). By 2026, DoD plans to require CMMC certification for all defense contracts. Contractors in the defense industry supply chain will be required to develop, assess, and augment cybersecurity practices, earning different maturity levels. 

Read More »