Katie Arrington: DoD Wants First-Tier Suppliers to Meet ‘Level One’ CMMC Criteria

Jeff Brody
Katie Arrington

Katie Arrington, chief information security officer in the Department of Defense acquisition office, has said that DoD is looking to require suppliers of prime contractors to meet the foundational requirements for its new certification program, Federal News Network reported Friday.

Arrington, a recipient of the 2020 Wash100 Award, told attendees at an AFCEA-hosted online forum that the Cybersecurity Maturity Model Certification can serve as a tool for mitigating cases of shell companies and foreign-owned entities across the defense supply chain.

“There is a challenge in our supply chain that you may not be aware of,” said Arrington.

“Our adversaries are buying up key suppliers for manufacturers and then cutting off the supply. We need to assure that they’re good companies that are getting into business with you.”

She noted that the current health crisis has shifted the department’s focus to the dependence of its supply chain on foreign companies.

The DoD expects thousands of contractors to achieve CMMC accreditation within five years, the report said.

Check Also


SAIC Awarded TSA Test & Evaluation Support BPA

Science Applications International Corp. (NYSE: SAIC) has been awarded a potential $40M blanket purchase agreement for operational test and evaluation services to the Transportation Security Administration, according to an award notice posted Thursday.

US Air Force

Air Force Selects Boeing, Lockheed, Raytheon Technologies for Hypersonic Cruise Missile Tech Design Program

The U.S. Air Force has indicated its intent to solicit design proposals from Boeing (NYSE: BA), Lockheed Martin (NYSE: LMT) and Raytheon Technologies (NYSE: RTX) for a hypersonic cruise missile technology that can be launched from a fighter or a bomber aircraft.