Todd Gustafson, president of HP’s federal arm, wrote in a commentary published Monday on Federal News Network that the Department of Defense’s implementation of the Cybersecurity Maturity Model Certification program marks “an important step in enabling a more secure government.”
Gustafson wrote how CMMC will help transform the way agencies buy technologies.
“With CMMC guiding government agencies and contractors alike, this will be a year of significant change in procurement procedures,” he noted. “Buyers will have to understand how requirements are evolving, pay close attention to the endpoint devices and software they allow into their enterprises, and take meaningful action to maximize their security postures against rising threats from home and abroad.”
He also cited the need for agencies to transition from the “lowest priced, technically acceptable” model toward a framework that allows them to closely vet the technologies they intend to purchase and prioritize partnerships with vendors that work to ensure the security of their software and hardware.