Robert Kolasky: CISA to Incorporate CMMC Aspects Into Supply Chain Guidance

Jeff Brody
Robert Kolasky

Robert “Bob” Kolasky, an official at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, said a CISA task force will issue “supply chain essentials” guidance that integrates aspects of the Department of Defense’s Cybersecurity Maturity Model Certification program, Nextgov reported Thursday.

Kolasky, director of CISA’s National Risk Management Center, said continued collaboration between CISA’s information and communications technology supply chain risk management task force and CMMC is vital “to make sure that we suck in the way that questions are being asked of the defense industrial base and translate that into other markets in a similar way.”

The upcoming document from the CISA task force will be voluntary for private sector organizations and federal agencies operating across the 16 critical infrastructure sectors and will incorporate questions the government and industry should ask from cybersecurity platform suppliers, a move which Kolasky said could help ensure that vendors understand security expectations.

“CMMC is a terrific start to a framework that’s going to make a meaningful difference,” Kolasky said. “It’s one of those requirements that creates more certainty for businesses and ultimately should incentivize security in a rational manner that will leave the country better off.”

You may also be interested in...

William Conley CTO Mercury Systems

Mercury Systems’ William Conley Joins NDIA Central Georgia Chapter Board

William Conley, chief technology officer of Mercury Systems (Nasdaq: MRCY), has been named to the board of directors for the National Defense Industrial Association's Central Georgia chapter. He will serve as a board member for a term of up to six years, Mercury Systems said Thursday.

Cloud IT

DHS Posts $3B Data Center, Cloud Solicitation

The Department of Homeland Security has issued a request for proposals for its indefinite-delivery/indefinite-quantity Data Center and Cloud Optimization contract worth potentially $3.35B over 10 years.