JAN 04, 2021 | US
CMMC: The Dramatic Year of the Pentagon’s Contractor Cybersecurity Program
Nextgov, January 4, 2021
By Mariam Baksh
Private-sector entities don’t usually cry out for the government to be more involved in monitoring their business practices, but 2020 has been anything but typical, and when it comes to the CMMC, that’s exactly what some of the largest tech companies are doing.
“While BSA understands that the Department of Defense seeks to create private sector-based certification infrastructure in order to enable it to meet the requirement for certifications across such a large group of vendors, the current approach creates a number of challenges undermining the integrity of the process, including potential for conflicts of interest, profiteering, and outsourcing of an inherently governmental function,” BSA | The Software Alliance wrote in response to the interim rule.
“The establishment of an independent Accreditation Board composed of representatives from the Defense Industrial Base holds the potential to put industry representatives in a position to oversee the evaluation of their competitors, a troubling potential conflict,” read the comments from BSA, which has a number of members in common with ITI. “One approach would be for the Department to re-establish the Accreditation Board as a government body, and to put in place guide rails to prevent excessive certification pricing or other abuses. In any event, the current approach must be revisited.”
SOBRE A BSA
A BSA | The Software Alliance (www.bsa.org) é a principal defensora do setor global de software perante governos e no mercado internacional. Seus membros estão entre as empresas mais inovadoras do mundo, criando soluções de software que estimulam a economia e melhoram a vida moderna.
Com sede em Washington, DC e operações em mais de 30 países, a BSA promove programas de conformidade que promovem o uso legal de software e defendem políticas públicas que promovem a inovação tecnológica e o crescimento da economia digital.