Cybersecurity challenge

US Army, Navy Seek Cybersecurity Measures for Non-Certified Small Business Partners

The U.S. military’s cybersecurity officials are seeking ways to provide secure arrangements for small defense industry partners unable to afford cybersecurity tools and services required under the Department of Defense’s Cybersecurity Maturity Model Certification, which is set to be implemented soon.

According to Tony Plater, the Department of the Navy’s chief information security officer, providing secure virtual desktops to small contractors without CMMC is one of the approaches the Navy is looking into. Speaking at the Google Defense Forum, Plater noted though that many of the service’s primary contractors already meet CMMC’s requirements.

Many small defense contractors are concerned that the certification process and its cost pose a burden that could prevent them from securing DOD contracts, DefenseScoop reported Friday.

Based on new Pentagon estimates, defense contractors’ spending on CMMC compliance could reach about $4 billion over 20 years.

Aside from assistance on CMMC’s technical requirements, the small contractors also need support in developing their personnel’s capabilities in cybersecurity and countering intelligence threats, the two military officials also noted.