Tag Archives: katie arrington

Katie Arrington, chief information security officer at the office of the assistant secretary of Defense for Acquisition and Sustainment and a 2020 Wash100 Award recipient, said the Cybersecurity Maturity Model Certification (CMMC) framework does not aim to punish companies for failing to anticipate cyber breaches like the SolarWinds hack but to protect them from negligence. 

The CMMC-AB Board of Directors has collaborated with JDG Associates to conduct the search for the organization’s first CEO. CMMC-AB recently entered a contract with the Department of Defense (DoD) to become the exclusive accreditation body to build the CMMC ecosystem in support of the DoD’s CMMC requirements. 

Katie Arrington, chief information security officer at the office of the assistant secretary of defense for acquisition and 2020 Wash100 Award recipient, has said the Pentagon is working to mitigate supply-chain reliance on adversary nations. Arrington said that the Department of Defense seeks to position the U.S. supply chain to address military as well as commercial needs.

A rule finalizing the Department of Defense’s (DoD) implementation of Cybersecurity Maturity Model Certification (CMMC) requirements in DoD contracts has taken effect following delays due to the COVID-19 pandemic. Katie Arrington said that the Pentagon plans to issue a press release on contracts that will initially require CMMC certification soon.

The Cybersecurity Maturity Model Certification Accreditation Body (CMMC-AB) and the Department of Defense (DoD) signed a no-cost contract on Nov. 25th, containing a new statement of work that explains the relationship between the Pentagon and the AB. CMMC-AB will remain the sole accreditor and oversight board implementing CMMC for contractors.

Katie Arrington, chief information security officer at the office of assistant secretary of defense for acquisition and a 2020 Wash100 Award winner, said the requirements and other elements of the Cybersecurity Maturity Model Certification program could still change as the Department of Defense assesses the public comments submitted through the end of November, Nextgov reported Wednesday.

Katie Arrington, chief information security officer at the office of assistant secretary of defense for acquisition and a 2020 Wash100 Award winner, said the Department of Defense (DoD) is close to signing a new agreement with the Cybersecurity Maturity Model Certification (CMMC) Accreditation Body responsible for training auditors for the CMMC program.

Katie Arrington, chief information security officer at the office of assistant secretary of defense for acquisition and a 2020 Wash100 Award winner, said the Department of Defense (DoD) should step up efforts to change the workforce culture around DevSecOps. She noted that DoD should educate its personnel about DevSecOps and cited how the department’s Adaptive Acquisition Framework could help advance DevSecOps adoption.

The Department of Defense (DoD) is on track with the final step to begin integrating Cybersecurity Maturity Model Certification (CMMC) requirements into contracts. The full CMMC program will be implemented over a period of five years and the Pentagon said contractors should expect to see such requirements in a few contracts by the end of 2020.

Katie Arrington, a 2020 Wash100 Award winner and chief information security officer for defense acquisition, said she expects the Pentagon’s new cybersecurity vetting program to certify 7,500 companies by 2021.