In January, the Pentagon plans to publish the final Cybersecurity Maturity Model Certification, under which companies would have their cyber practices graded, and procurement officials would use that to determine which vendors are eligible for certain contracts, with more sensitive projects requiring more stringent security standards. However, while the program is intended to push vendors to strengthen their security standards and increase visibility into the department’s supply chain, it could also render a significant chunk of the Pentagon’s contractor pool ineligible for its most sensitive projects. Maj. Gen. Garrett Yee, assistant to the director of DISA, says they don’t know how many.
Cybersecurity, Privacy, & AI
Trending Now
Agriculture Department Kicks Off $300M Palantir Deal on IT, National Security Work • Vercel Attack Fallout Expands to More Customers and Third-Party Systems • Seeing the Cyber in Economic Statecraft • Responding to a Data Breach: How to Preserve the Attorney-Client Privilege • NIST Cyber Center to Launch OT ‘Visibility’ Project
DISA Official: “No One Knows” How Cyber Standards Will Impact Contractor Pool
Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.