Katie Arrington, chief information security officer in the office of the undersecretary of defense for acquisition and sustainment, estimates that some 7,500 defense suppliers will be CMMC certified by 2021. “That doesn’t seem like a lot but if you think about the interconnectivity of the [defense industrial base] it’s a certification that’s good for all DoD contracts for three years,” Arrington remarked during a recent webinar. The Department of Defense expects that by 2026, all solicitations will include CMMC standards contractors must meet if they want to do business with the department.
Cybersecurity, Privacy, & AI
Trending Now
What Business Leaders Need to Know About Cybersecurity Certification and Enforcement in 2025–2026 • NRC Efficiency Plan to Reuse DOE, DoD Data Met With Skepticism • Closed Briefing Sets Stage For House Hearing On Anthropic’s Mythos and Cyber Risks • CISA, G7 Partners Release AI Software Bill of Materials Guidance • OMB to Refresh the Federal IT Dashboard
Pentagon Expects 7,500 Companies CMMC Certified by 2021
K_E_N | Shutterstock
Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.