Industry Groups Weigh In on CMMC Costs, Guidelines for Assessment As Pentagon Interim Rule Takes Effect
DEC 04, 2020 | US
Industry Groups Weigh In on CMMC Costs, Guidelines for Assessment As Pentagon Interim Rule Takes Effect
Inside Cybersecurity, December 4, 2020
By Sara Friedman
Industry groups across a wide range of sectors are asking the Defense Department to provide more details on how its new cyber certification program will impact government contractors.
Depending on the type of product or service, DoD vendors may already be subject to assessment, certification, or direction under a number of existing initiatives across DOD and the Federal Government,” BSA | The Software Alliance wrote to the Pentagon, referring to the General Service Administration’s FedRAMP program, DoD’s Cloud Computing Security Requirements Guide (SRG) and audits from the Defense Contract Management Agency.
“Moreover, many vendors may obtain certifications against internationally recognized standards that attest to security controls covered by the CMMC,” BSA said. “It is unclear how CMMC certification, above and beyond these existing obligations, would improve the Department’s confidence in the security practices of such vendors.”
Original Posting: https://insidecybersecurity.com/daily-news/industry-groups-weigh-cmmc-costs-guidelines-assessment-pentagon-interim-rule-takes-effect
ACERCA DE BSA
BSA | The Software Alliance (www.bsa.org) es el principal defensor de la industria global del software ante los gobiernos y en el mercado internacional. Sus miembros se encuentran entre las compañías más innovadoras del mundo, creando soluciones de software que impulsan la economía y mejoran la vida moderna.
Con sede central en Washington, DC y operaciones en más de 30 países, BSA es pionera en programas de cumplimiento normativo diseñados para fomentar el uso legal de software, y apoya políticas públicas que incentivan la innovación tecnológica e impulsan el crecimiento de la economía digital.