The following article is written by PreVeil board member Admiral James Stavridis
The Pentagon is taking a big new step to harden digital security for the US defense industry. I think we’ll look back on it as a “shot heard round the world” on cybersecurity for American industry more widely.
Undersecretary of Defense for Acquisition and Sustainment Ellen Lord has rolled out V1 of the Cybersecurity Maturity Model Certification program, or CMMC. It puts the DoD’s 300,000 suppliers and subcontractors on an “up or out” path to dramatically stronger digital security protocols.
Starting this fall, top suppliers will be required to prove compliance with CMMC’s increasingly stringent cybersecurity standards to even bid on new DoD contracts. In a handful of years, the entire $1 trillion defense sector will have to be in compliance.
We’ve all seen the vulnerability of industries across the board to cyber espionage and attack. For the US defense industrial base, that vulnerability means a direct challenge to US national security. I’m proud of the DoD, Ellen Lord, and the CISO in her office, Katie Arrington, for pulling together this major advance in US the defense industry’s cybersecurity.
My guess is this will come to be seen as a seismic shift, with American research universities, healthcare and finance industries following suit. The costs of cyber-vulnerability have simply become too high. From defense contractors to research centers to hospitals and traders, the risk entailed in unencrypted files and unencrypted emails is just too great.
I’m on the board of PreVeil, the leading end-to-end encryption company for email and file-sharing, and I’ve seen the power of top-flight encryption to secure digital defenses. PreVeil’s CMMC whitepaper shows a pragmatic roadmap to put defense industry suppliers in compliance with the DOD’s new CMMC requirements. I believe key elements of the higher standard of cybersecurity now being promoted by the DoD will before long become the everyday expectation for many industries and individuals, and we will look back on the vulnerability and exposure of private data of all kinds over this last decade with dismay.
Here’s a salute to the DoD for leading the way!