The Defense Department is evaluating whether it should develop cloud services that contractors could adopt to qualify for Cybersecurity Maturity Model Certification. DoD deputy CIO David McKeown explains that he would rather establish services for them that meet some set of the necessary controls specified by NIST SP 800-171, “rather than go out and assess each and every network of our industry partners.”
Source: