The Pentagon is rolling out new cybersecurity regulations for handling unclassified information that may bar contractors from bidding on future programs if they do not obtain the required certifications. Katie Arrington, chief information security officer at the office of the undersecretary of defense for acquisition and sustainment, said it will take until 2025 to fully implement the cybersecurity maturity model certification program, or CMMC. "If we don't understand that this is a collective issue, that everybody needs to have cybersecurity requirements and in their day-to-day business, we're never going to get ahead of this game," she said in October during an interview with Exo-star, a company focused on protecting the supply chain.
展开▼