Ellen Lord, undersecretary for acquisition and sustainment at the Defense Department and a 2019 Wash100 winner, has said DoD will roll out cybersecurity maturity model certification in January as part of efforts to protect the Pentagon’s supply chain.
She noted that the CMMC program will cover five criteria designed to measure a defense contractor’s process maturity and technical expertise in handling systems or subsystems, according to an article posted Tuesday on the department website.
“When we look at cybersecurity standards, I believe it is absolutely critical to be crystal clear as to what expectations [and] measurements are, what the metrics are and how we will basically audit against those,” Lord said.
DoD also collaborates with private sector organizations that are willing to conduct third-party audits to evaluate CMMC framework compliance.
The department is looking to incorporate cybersecurity requirements into the request for information process by June.