Speaker News

Ellen Lord: DOD is Focused on Implementing CMMC Program

Ellen Lord

Undersecretary

DOD

Ellen Lord: DOD is Focused on Implementing CMMC Program

The Department of Defense is currently focused on minimizing the impact of cyber threats to the department and its supply chain of companies. 

Ellen Lord, the DOD's undersecretary for acquisition and sustainment, a past Potomac Officers Club event speaker and a four-time Wash100 awardee, highlighted the Pentagon's efforts to implement its Cybersecurity Maturity Model Certification program, DOD reported Thursday.

"It's no secret that the U.S. is at cyberwar every day. Cybersecurity risks threaten the industrial base, national security, as well as partners and allies," Lord said during the Professional Services Council's 2020 Defense Services Conference. 

CMMC is the Pentagon's metric for determining contractors' ability to protect themselves and their work with the department from cyber threats. 

According to Lord, the CMMC program is part of DOD's effort to support the Defense Federal Acquisition Regulation Supplement rulemaking process while accomplishing a deal with the newly established CMMC accreditation body.

The CMMC-AB will accredit third-party assessors who will evaluate defense contractors' compliance with CMMC standards. CMMC-AB began registering third-party assessors in June, Lord said.

Lord added that the DOD's Office of the Chief Information Security Officer for Acquisition and the Missile Defense Agency are currently processing a CMMC pathfinder for a contract for acquisition tabletop exercises and mock assessment training. 

 "These pilots will be implemented on new DOD contracts to further reduce the risk of CMMC phased rollout, by focusing on the flow-down of controlled unclassified information … and CMMC requirements through the supply chain and conduct of mock CMMC assessments," Lord said. 

The DOD is reportedly also working with the Department Information Systems Agency's Enterprise Mission Support Service to develop an infrastructure for CMMC assessment reports, certificates and data analytics.

Category: Speaker News

Tags: CISO CMMC CMMC Accreditation Body cyber threat cybersecurity Cybersecurity Maturity Model Certification defense contractors Department of Defense Ellen Lord MDA Professional Services Council's 2020 Defense Services Conference Speaker News supply chain third-party assessor Wash100