Over the past six weeks, the Defense Department received more than 2,000 comments on the first public draft of the Cybersecurity Maturity Model Certification, says Undersecretary of Defense for Acquisition and Sustainment Ellen Lord. The framework is to serve as a yardstick for measuring the strength of different contractors’ digital defenses, allowing Pentagon officials to ensure vendors are appropriately protecting the sensitive military data that resides on their networks.
The department will use the feedback to inform the next iteration of the CMMC, which officials plan to publish in the first week of November. It will release the final framework in January, and contracting officers will start assimilating certifications into the acquisition process by summer.
