This blog was written by PreVeil board member Admiral James Stavridis,
U.S. Navy, ret. 4-star officer
The costs and consequences of malicious cyber-activity are impossible to put a price tag on, as bad actors pose threats in all aspects of our personal, public and political lives. And the stakes are only rising both here at home and globally. In my upcoming RSAC 2020 keynote with my colleague, Juliette Kayyem, former assistant secretary at the US Department of Homeland Security and Professor at Harvard’s Kennedy School of Government, we’ll address the latest in global cybersecurity threats, the geopolitical and cyberwar-fighting challenges our nation faces, and the vulnerability of the 2020 US presidential campaigns and election.
Juliette and I will also dig deep into the security of the US Defense Industrial Base (DIB)—that is, the 300,000-plus contractors and suppliers who do work for the Department of Defense (DoD). In particular, we’ll focus on a sweeping DoD initiative to harden the DIB’s cybersecurity in the face of challenges from economic competitors and nation-state adversaries. The DoD has recently put this $1 trillion sector of the US economy on a fast track to higher cybersecurity standards with an “up or out” program known as Cybersecurity Maturity Model Certification (CMMC).
The DoD knows what it needs to do and is acting fast with CMMC.
CMMC introduces new cybersecurity standards on top of existing ones and maps them to five levels of cybersecurity maturity. Companies that hope to handle controlled unclassified information (CUI) will need to achieve at least CMMC Level 3. All backups of CUI at any storage location need to be protected, too.
CMMC also calls for new email protections such as asymmetric cryptography. All of these CMMC requirements can be met by the gold standard of 100% end-to-end encryption to protect email, files and data.
As a retired Admiral and former Supreme Allied Commander of NATO, I’m thrilled with the DoD’s push to defend against cyberattacks that threaten US advantages in the military, technological and commercial realms. I believe that CMMC or something like it is essential to all types of sectors, from financial services to healthcare to university research. And I’m proud that the DoD is taking the lead in this critical work.
I encourage you to come listen to Juliette and myself as we discuss these topics and more at RSA on February 27th from 1:30pm -2:20, Moscone South Esplanade. These are vital topics for our country’s future.