CMMC

DOD revamps controversial CMMC program

After a nine-month review, the Defense Department is replacing its original cyber compliance program for the industrial base with CMMC 2.0, putting more emphasis on self-assessment.

White House pick for DOD CIO eyes tweaks to CMMC

The Biden administration's pick to be the Pentagon's tech chief wants to make it easier for small businesses to adhere to the Defense Department's cybersecurity standards and expand network optimization across the entire enterprise.

CMMC's Arrington sues DOD to clear her name

Katie Arrington, who has been off the job since May, is suing the Department of Defense to get resolution on her personnel case.

DOD wants industry to continue with CMMC prep amid program review

Dr. Christine Michienzi, the chief technology officer for the Office of the Deputy Assistant Secretary of Defense for Industrial Policy, said while results were coming soon, defense contractors should "continue on" with updates to cybersecurity practices as DOD finalizes its review of its Cybersecurity Maturity Model Certification program.

DOD's silence on CMMC is worrying industry, trade groups claim

Months of silence from the Defense Department on the status of the Cybersecurity Maturity Model Certification program is palpable and stirring unease among defense contractors, trade associations say in a letter to Deputy Defense Secretary Kathleen Hicks.

CMMC board chief talks assessors, IT staff

Matt Travis, the CEO for the Cybersecurity Maturity Model Certification Accreditation Body, said proper training and IT access to the Defense Department's Enterprise Mission Assurance Support Service (eMASS) application, which will house CMMC data, still needs to be finalized for the third-party organizations that will be charged with conducting cyber assessments.

DHS wants a CMMC-like model for contractors

DHS' Office of the Chief Procurement Officer issued a special notice Aug. 10, noting that it is looking for a way to check contractors' compliance with its cyber hygiene clauses released in 2015.

First CMMC assessment organization approved

The accrediting body overseeing the Defense Department's Cybersecurity Maturity Model Certification program announced the debut of the first organization authorized to assess defense contractors.

CMMC assessor training expected in late summer

The professional training needed to carry out assessments for the Defense Department's unified cybersecurity standard for contractors won't kick off until later this summer.

Is it time to test the limits -- and potential -- of expanding CMMC?

Calls for a certified baseline of cybersecurity seem to increase with every cyberattack. Is the CMMC model the right template for a universal and independently verifiable way to protect supply chains?

CMMC board adds new training head, board members

Melanie Kyle Gingrich will take over training daily operations for the Cybersecurity Maturity Model Certification Accreditation Body as the vice president of training and development.

Space Force satcoms contract gets CMMC nod

A request for information for the Inmarsat Broadband Global Area Network and Global Xpress contract was amended March 31 to include requirements for the CMMC pilot program.

Mandatory review of DOD's compliance on CMMC is delayed

The Defense Department was supposed to submit a review to Congress by March 1 assessing whether components complied with the guidelines of the Cybersecurity Maturity Model Certification program. That deadline has been pushed to June.

First set of CMMC certification orgs emerge

The Defense Department's unified cybersecurity program is making gains with its first tranche of certifying bodies, but assessments for defense contractors are a ways off.

CMMC board preps for staff changes

The body in charge of standing up and running the Defense Department’s unified cybersecurity standard is shifting its staffing arrangement.

Final rule, formal training orgs on CMMC could hit this summer

A final rule on the Defense Department's unified cybersecurity standard could debut as soon as this summer but implementation hinges on standing up a formal training system.

CMMC countdown is on but are there enough assessors to do the job?

Katie Arrington, DOD's CISO for acquisition, said having enough assessors to do in-person audits of defense contractors is her biggest concern.