Nextgov, March 27, 2020

By Mariam Baksh

The Defense Department’s Cybersecurity Maturity Model Certification initiative could have the opposite of its desired effect and create security risks, major companies said in a letter to top Pentagon officials Friday seeking clarification on a number of issues.

“We are concerned that current plans for implementing CMMC lack sufficient clarity and predictability in key areas, and as a result may unnecessarily generate confusion, delay and associated costs,” reads the letter to Ellen Lord, under secretary of Defense for acquisition and sustainment, and Katie Arrington, the chief information security officer for the acquisitions office. “These challenges could lead to the DIB being even less secure, if left unaddressed.”

More than 100 companies are represented in the letter by the Internet Association, BSA | The Software Alliance, The Cybersecurity Coalition, the Information Technology Industry Council, CompTIA and the Alliance for Digital Innovation.

Read More >>

Original Posting: https://www.nextgov.com/cybersecurity/2020/03/tech-industry-voices-concerns-about-pentagons-cybersecurity-certification-plan/164179/