JAN 04, 2021 | US
CMMC: The Dramatic Year of the Pentagon’s Contractor Cybersecurity Program
Nextgov, January 4, 2021
By Mariam Baksh
Private-sector entities don’t usually cry out for the government to be more involved in monitoring their business practices, but 2020 has been anything but typical, and when it comes to the CMMC, that’s exactly what some of the largest tech companies are doing.
“While BSA understands that the Department of Defense seeks to create private sector-based certification infrastructure in order to enable it to meet the requirement for certifications across such a large group of vendors, the current approach creates a number of challenges undermining the integrity of the process, including potential for conflicts of interest, profiteering, and outsourcing of an inherently governmental function,” BSA | The Software Alliance wrote in response to the interim rule.
“The establishment of an independent Accreditation Board composed of representatives from the Defense Industrial Base holds the potential to put industry representatives in a position to oversee the evaluation of their competitors, a troubling potential conflict,” read the comments from BSA, which has a number of members in common with ITI. “One approach would be for the Department to re-establish the Accreditation Board as a government body, and to put in place guide rails to prevent excessive certification pricing or other abuses. In any event, the current approach must be revisited.”
Original Posting: https://www.nextgov.com/cybersecurity/2021/01/cmmc-dramatic-year-pentagons-contractor-cybersecurity-program/171084/
ACERCA DE BSA
BSA | The Software Alliance (www.bsa.org) es el principal defensor de la industria global del software ante los gobiernos y en el mercado internacional. Sus miembros se encuentran entre las compañías más innovadoras del mundo, creando soluciones de software que impulsan la economía y mejoran la vida moderna.
Con sede central en Washington, DC y operaciones en más de 30 países, BSA es pionera en programas de cumplimiento normativo diseñados para fomentar el uso legal de software, y apoya políticas públicas que incentivan la innovación tecnológica e impulsan el crecimiento de la economía digital.