The Department of Defense announced Friday that by the end of September it will require at least some contractors bidding on defense contracts to certify that they meet "at least a basic level of cybersecurity standards" in their proposals.

A Pentagon press release issued Friday said the DoD had released its new Cybersecurity Maturity Model Certification and will begin adding the requirements to requests for information and requests for proposals incrementally throughout this year.

By fiscal year 2026, all new contracts will contain CMCC requirements, undersecretary of defense for acquisition and sustainment Ellen M. Lord said at a Pentagon news conference.

"Adversaries know that in today's great-power competition environment, information and technology are both key cornerstones," Lord said. "Attacking a sub-tier supplier is far more appealing than a prime [supplier]."

The new CMMC includes five levels of certification in cybersecurity practices and processes, starting with what Katie Arrington, the DoD's chief information security officer for acquisition described as "the basic cyber hygiene skills we should be doing every day": antivirus software, updated passwords.

The department will not certify potential defense contractors for CMMC on its own, Lord said, but instead "third-party assessment organizations" -- paid by contractors, not the DoD -- will conduct those assessments.

Subcontractors will not necessarily need to have the same level of CMMC certification to win a contract, Arrington said.

In 2018 the Department of Justice indicted two hackers associated with the Chinese government on charges they attempted to steal sensitive information from U.S. companies that manufacture jet engines, and in 2009 the Wall Street Journal reported that hackers had stolen information on the Joint Strike Fighter Project.

Related Links
Cyberwar - Internet Security News - Systems and Policy Issues

Tweet

Thanks for being there; We need your help. The SpaceDaily news network continues to grow but revenues have never been harder to maintain. With the rise of Ad Blockers, and Facebook - our traditional revenue sources via quality network advertising continues to decline. And unlike so many other news sites, we don't have a paywall - with those annoying usernames and passwords. Our news coverage takes time and effort to publish 365 days a year. If you find our news sites informative and useful then please consider becoming a regular supporter or for now make a one off contribution.
SpaceDaily Monthly Supporter $5+ Billed Monthly Option 1 : $5.00 USD - monthly Option 2 : $10.00 USD - monthly Option 3 : $15.00 USD - monthly Option 4 : $20.00 USD - monthly Option 5 : $25.00 USD - monthly Option 6 : $50.00 USD - monthly Option 7 : $100.00 USD - monthly paypal only		SpaceDaily Contributor $5 Billed Once credit card or paypal

BT reports 500m pound hit as UK limits Huawei 5G role
London (AFP) Jan 30, 2020
British telecoms group BT on Thursday said it would take a 500 million pounds hit after the UK government limited Huawei's role in developing the country's 5G network on security grounds. The cost, equivalent to $650 million or 590 million euros, will be spread over five years, BT said in a statement as the British company must now make changes to its 5G rollout plans after London's move on the Chinese telecoms company. "We are in the process of reviewing the guidance in detail to determine the full i ... read more