Defense Department acquisition chief Ellen Lord is calling out unnamed "third-party entities" for claiming they can offer assessments under the Pentagon's new contractor cybersecurity certification program. In a statement released to the media today, Lord said she has "consistently stressed the importance of communicating and engaging extensively" with stakeholders regarding DOD's new Cybersecurity Maturity Model Certification. "Unfortunately, the department has learned that some third-party entities have made public representations of being able to provide CMMC certifications to enable contracting with DOD," Lord said. "The requirements for becoming a CMMC third-party assessment organization (C3PAO) have not yet been finalized, so it is disappointing that some are trying to mislead our valued business partners."
展开▼