Ellen Lord, the defense undersecretary for acquisition and sustainment, says that wth the final specification of the Cybersecurity Maturity Model Certification due before the end of January, training for the program’s third-party accreditors will take place from now until June. The CMMC accreditation body, a not-for-profit and independent group of stakeholders, has been stood up and recently selected its chair. The consortium will use DoD’s new cyber standards to develop training and certification requirements for the third-party assessment organizations and individual assessors that will evaluate companies. Lord said the accrediting body “will incorporate semi-automated processes” and “include a tool that certified third-party assessors will employ for audits and collecting metrics to inform risk.”
Cybersecurity, Privacy, & AI
Trending Now
Doxim Data Breach Settlement Underscores Third-Party Data Security Risk • SASC Proposes Reorganization of Pentagon’s IT, Cyber Leadership • Anthropic Suspends Top AI Models After U.S. Export Control Order • Senate Bill Seeks to Restore Funding for Cyber Information-Sharing Program • CISA Directive Orders Agencies to Prioritize Vulnerability Patching in a New Way
CMMC Training Underway for Auditors
KAMONRAT | Shutterstock
Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.