Updated 8(a) STARS III RFP to Include CMMC
Happy Monday! In today’s exciting news, the GSA recently released the updated 8(a) STARS III RFP, which includes CMMC. According to JD Supra, “as part of each offeror’s Supply Chain Risk Management Plan, the 8(a) STARS III RFP requires the offeror to address 1) their intent to obtain CMMC, 2) their target certification level, and 3) their timeline for obtaining the certification.” Proposals are due by August 19th, 2020, so it is important for contractors to begin looking into cybersecurity and learn how to tackle the requirements of CMMC at their specified levels.
In other news, Garmin was reportedly hit by a cyber attack last Thursday. The company is being asked to pay $10 million in ransom to get their systems back up and running. Garmin released information that the ransomware being used is “WastedLocker.” As a result of the attack, Garmin’s IT Department had to shut down the entire network in order to stop the spread of ransomware. Locations, including all of the factories in Taiwan, have shut down operations. It is still unknown whether they will be paying the ransom or not, as Garmin has not yet commented.
Lastly, Katie Arrington, CISO for Defense Acquisition, said “she expects the Pentagon’s new cybersecurity vetting program to certify 7,500 companies by 2021,” according to National Defense Magazine. During a Celerium-hosted webinar, she told attendees that the “DoD plans to release RFP’s that include CMMC version 1 requirements following the implementation of amendments in DFARS. She stated that she anticipates these solicitations to be released this September or October.”
That’s all for today! Thank you for tuning in to this week’s segment of “Mondays With Miranda!” Keep up to date with current news by following NeQter Labs on Twitter, Facebook, and LinkedIn. We love comments and questions, so drop me an email firstname.lastname@example.org.