CMMC Third-Party Assessments
Happy Monday and Valentine’s Day! Thanks for tuning in to this week’s segment of Mondays with Miranda.
Last week, Deputy DoD CIO David McKeown said that after further analysis, the DoD’s initial plan of “bifurcating” requirements for approximately 80,000 contractors that handle CUI, is no longer able to happen. They will now be requiring third-party assessments for all 80,000 of those contractors. McKeown said, “Unfortunately, it looks like pretty much everybody falls into the category of either being a clear defense contractor or having some critical industry tie, that pretty much all of those are going to end up being very important CUI…” This announcement comes not too long after the GAO discovered that many of the contractors who have already been audited, are failing to implement all of the required cybersecurity tools and procedures.
In other news, on Feb 2nd, Deputy Secretary of Defense Kathleen Hicks directed the realignment of the CMMC from the undersecretary of defense for acquisition and sustainment to the CIO. The goal of the realignment is to increase CMMC’s integration with other defense industrial base cybersecurity programs, according to DoD CIO John Sherman.
That’s all for today! Thank you for tuning in to this week’s segment of “Mondays With Miranda!” Keep up to date with current news by following NeQter Labs on Twitter, Facebook, LinkedIn, and Youtube. We love comments and questions, so please feel free to send me an email at firstname.lastname@example.org.