Date: Wednesday, August 21
Time: 0830 – 0930 and 1030 – 1130 (Repeat)
Location: Room 17
Speaker: Katie Arrington, DoD
Session Description:
The Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD(A&S)) recognizes that security is foundational to acquisition and should not be traded along with cost, schedule, and performance. The Department is actively working with the Defense Industrial Base (DIB) to enhance the protection of controlled unclassified information (CUI) within the supply chain.
As part of this effort, OUSD(A&S) is collaborating with DoD stakeholders, University Affiliated Research Centers (UARCs), Federally Funded Research and Development Centers (FFRDC), and industry to develop the Cybersecurity Maturity Model Certification (CMMC).
The CMMC will combine various cybersecurity standards, controls, and best practices to create levels ranging from basic cyber hygiene to advanced. Once implemented, the CMMC will reduce risk against a specific set of cyber threats.
The CMMC builds upon existing regulations and control frameworks while adding a verification component with respect to cybersecurity requirements.
The goal is for CMMC to be cost-effective and affordable for small businesses to implement.
Certified, independent, 3rd party organizations will conduct audits and inform risk.