FIRST CMMC TEST CASES MAY COME UNDER PENTAGON SCRUTINY
If you’re still looking for motivation on why Cybersecurity Maturity Model Certification (CMMC) matters, like, yesterday, just look to the Pentagon’s recent reveal: seven Department of Defense (DoD) contracts look to be the first ones tested in its “Pathfinder” process. The intent: show everyone else what supplier security, physical and digital, mustlook like if they want to keep their contract pipelines open.
The industry’s hot take: This is a very big wake-up call to get your IT Security up to speed as the Pathfinder process ramps up. You may ask, how did we get here so fast? After all, it’s the middle of a global pandemic; but that just makes the US extra vulnerable, as recent major incursions attest.
In the Interim
The general public may not have known about such nefarious activity being planned, but that could explain why the DoD issued an interim rule this past September. (It might be the one that’s still sitting unread in your inbox—understandable.) Unfortunately, it was about how fast anyone in the DoD’s supply chain might lose their contracts if they fail to demonstrate the necessary steps taken in compliance with CMMC requirements.
We all know it’s a mouthful and a ton of work. Nevertheless, the CMMC requirement for Department of Defense (DoD) suppliers isn’t standing still. If the current test candidates go forward, testing could affect suppliers for the Navy, Air Force, and Missile Defense Agency. It also could be a relatively short hop to your actual assessment in the future. Are you ready?
Get out in Front of It!
As Rochester’s first CMMC Registered Provider Organization, Dox will do a top-to-bottom assessment and offer the vital advice that a Certified Assessor is not even allowed to give—that’s just going to be another pass/fail scenario. If you’re looking for hands-on expert advice to prepare for your assessment, need assistance remediating your environment to be compliant or would just like more information, click here to contact DOX now.