Speaking at the Billington Cybersecurity conference last week, Katie Arrington, the Defense Departments’ chief information security officer for acquisition, said DoD has not yet figured out how vendors will be able to save money under the Cybersecurity Maturity Model Certification by leveraging other government cybersecurity certification programs. Those cost savings have been one of the key selling points of the program. Arrington has previously said companies should get some credit for investments they’ve already made in programs like the Federal Risk and Authorization Management, but indicated that it and other programs aren’t fully equivalent to CMMC and may require additional investments.
Cybersecurity, Privacy, & AI
Trending Now
Daybreak Is OpenAI’s Answer to the AI Arms Race in Cybersecurity • Cyber Operations Aren’t Slow — Our Thinking Is • ‘No Time to Waste’ in Prepping Governments for AI Cyber Threats, Top Dem Lawmaker Says • ‘Insatiable Appetite’ for AI: Maven Usage Surged for Strikes on Iran, Pentagon AI Chief Says • Navigating Automation, Robotics, AI, and Data in a QMSR-Driven Manufacturing World
CMMC Reciprocity Guidelines are Still a Work in Progress
DR MANAGERÂ | Shutterstock
Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.