In January, the Pentagon plans to publish the final Cybersecurity Maturity Model Certification, under which companies would have their cyber practices graded, and procurement officials would use that to determine which vendors are eligible for certain contracts, with more sensitive projects requiring more stringent security standards. However, while the program is intended to push vendors to strengthen their security standards and increase visibility into the department’s supply chain, it could also render a significant chunk of the Pentagon’s contractor pool ineligible for its most sensitive projects. Maj. Gen. Garrett Yee, assistant to the director of DISA, says they don’t know how many.
Cybersecurity, Privacy, & AI
Trending Now
FBI Takes Down Massive China-Based Cybercrime Network That Caused $1.9B in Losses • Agentic AI Is Coming to Government Faster Than Its Guardrails • Trump Releases National Security Systems Cybersecurity Policy • Industry and Academia Call on Administration to Free Anthropic’s AI Model • A Cyber Force With No Enlisted? Not So Fast, Some Experts Say
DISA Official: “No One Knows” How Cyber Standards Will Impact Contractor Pool
Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.