This Microsoft Tech Community Public Sector Blog post is an in depth response for the Defense Industrial Base (DIB) regarding compliance with the newly-established Cybersecurity Maturity Model Certification (CMMC) from the U.S. Department of Defense (DoD).
The Office of the Undersecretary of Defense for Acquisition and Sustainment (OUSD(A&S)) vision for CMMC is to be a unified cybersecurity standard for DoD acquisitions to reduce exfiltration of Controlled Unclassified Information (CUI) from the Defense Industrial Base (DIB).
Representatives from several primes are discussing the impact of CMMC on the supplier base. These primes include Jeffrey Dodson (BAE Systems), Christopher Page (Huntington Ingalls Industries), Mike Gordon (Lockheed Martin), and Noble Dean (L3Harris).
October 24, 2019: DoD has announced CMMC as a unified cybersecurity standard to be consistently applied to all organizations across the Defense Industrial Base. CMMC certification becomes a requirement in 2020. It will greatly enhance the cybersecurity of the supply chain, but will also enforce new requirements for your organization to participate on any DoD contract. CMMC requires certification by an accredited third party and is pass/fail. Watch Ms. Arrington's CMMC introduction.
The following announcements highlight recent cybersecurity news including alerts, threats, vulnerabilities, and malicious activity. They also include up-to-date information on available updates and patches for your operating systems.
DoD is issuing an interim rule to amend the Defense Federal Acquisition Regulation Supplement (DFARS) to implement a DoD Assessment Methodology and Cybersecurity Maturity Model Certification framework in order to assess contractor implementation of cybersecurity requirements and enhance the protection of unclassified information within the DoD supply chain.
When information security vulnerabilities are identified, the Internet Storm Center (ISC) develops, assembles, and distributes material to help the cyber security community manage these threats. For some of the more critical vulnerabilities, SANS hosts special webcasts led by ISC handlers to provide additional information. On this page, you can read an overview of some of the recent critical vulnerabilities, watch the related webcasts or go to the ISC to learn more about each vulnerability.
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.