Compliance with the Cybersecurity Maturity Model Certification program will soon be required for Department of Defense contracts, but officials are also looking into also incorporating its terms into contracts offered by the Department of Homeland Security. Katie Arrington, CISO for Defense acquisitions, says that implementation of audits for the first CMMC contracts was intentionally delayed for the incoming Biden Administration to review. Arrington has promised that at least one additional federal civilian agency will adopt CMMC requirements in 2021, and GSA has already mentioned the requirements in two government-wide contracts. Arrington’s long-term goal is to implement the terms government-wide.
Source:
