top of page

From CISA Closely Tracking DoD’s CMMC Progress for Lessons on Future Efforts

Article highlights:

  • The Cybersecurity and Infrastructure Security Agency (CISA) is keeping a close eye on the progress of the Defense Department’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program to improve the security of the defense industrial base (DIB) as CISA considers possible moves in the same direction on the civilian side of the Federal government.

  • Boyden Rohner, CISA’s associate director for vulnerability management, said her agency is “eagerly anticipating how CMMC rolls out” for the DoD as her agency considers programs that may run in the same direction.

  • Buddy Dees, director of the CMMC program said on the webinar that the model developed by DoD is “a big move forward” for supply chain security by adding the obligation of DIB members to verify that they have at least minimal levels of cybersecurity in place.

  • Kirk Kern, CTO Americas and director of the Office of Technology and Strategy at NetApp, said he views the CMMC program and others like it as “critical sources” to understand and apply security requirements.


bottom of page