Katie Arrington, chief information security officer at the office of the assistant secretary of Defense for Acquisition and Sustainment and a 2020 Wash100 Award recipient, said the Cybersecurity Maturity Model Certification (CMMC) framework does not aim to punish companies for failing to anticipate cyber breaches like the SolarWinds hack but to protect them from negligence.
Read More »CMMC-AB Board of Directors Begins CEO Search
The CMMC-AB Board of Directors has collaborated with JDG Associates to conduct the search for the organization’s first CEO. CMMC-AB recently entered a contract with the Department of Defense (DoD) to become the exclusive accreditation body to build the CMMC ecosystem in support of the DoD’s CMMC requirements.
Read More »Katie Arrington: DoD Working With Industry to Position US Supply Chain
Katie Arrington, chief information security officer at the office of the assistant secretary of defense for acquisition and 2020 Wash100 Award recipient, has said the Pentagon is working to mitigate supply-chain reliance on adversary nations. Arrington said that the Department of Defense seeks to position the U.S. supply chain to address military as well as commercial needs.
Read More »Final Rule Authorizing CMMC Req’s for DoD Contracts Takes Effect; Katie Arrington Quoted
A rule finalizing the Department of Defense’s (DoD) implementation of Cybersecurity Maturity Model Certification (CMMC) requirements in DoD contracts has taken effect following delays due to the COVID-19 pandemic. Katie Arrington said that the Pentagon plans to issue a press release on contracts that will initially require CMMC certification soon.
Read More »CMMC-AB Signs No-Cost Contract with DoD
The Cybersecurity Maturity Model Certification Accreditation Body (CMMC-AB) and the Department of Defense (DoD) signed a no-cost contract on Nov. 25th, containing a new statement of work that explains the relationship between the Pentagon and the AB. CMMC-AB will remain the sole accreditor and oversight board implementing CMMC for contractors.
Read More »Katie Arrington: CMMC Requirements Open to Changes as DoD Factors in Public Comments
Katie Arrington, chief information security officer at the office of assistant secretary of defense for acquisition and a 2020 Wash100 Award winner, said the requirements and other elements of the Cybersecurity Maturity Model Certification program could still change as the Department of Defense assesses the public comments submitted through the end of November, Nextgov reported Wednesday.
Read More »Katie Arrington on Pentagon’s New Agreement With CMMC Accreditation Body
Katie Arrington, chief information security officer at the office of assistant secretary of defense for acquisition and a 2020 Wash100 Award winner, said the Department of Defense (DoD) is close to signing a new agreement with the Cybersecurity Maturity Model Certification (CMMC) Accreditation Body responsible for training auditors for the CMMC program.
Read More »Katie Arrington: DoD Should Transform Workforce Culture Around DevSecOps
Katie Arrington, chief information security officer at the office of assistant secretary of defense for acquisition and a 2020 Wash100 Award winner, said the Department of Defense (DoD) should step up efforts to change the workforce culture around DevSecOps. She noted that DoD should educate its personnel about DevSecOps and cited how the department’s Adaptive Acquisition Framework could help advance DevSecOps adoption.
Read More »Rule Change to Include CMMC Requirements in Contracts On Track; Katie Arrington Quoted
The Department of Defense (DoD) is on track with the final step to begin integrating Cybersecurity Maturity Model Certification (CMMC) requirements into contracts. The full CMMC program will be implemented over a period of five years and the Pentagon said contractors should expect to see such requirements in a few contracts by the end of 2020.
Read More »Katie Arrington: DoD Projects 7.5K CMMC-Certified Companies by 2021
Katie Arrington, a 2020 Wash100 Award winner and chief information security officer for defense acquisition, said she expects the Pentagon’s new cybersecurity vetting program to certify 7,500 companies by 2021.
Read More »