The following article is written by PreVeil board member Admiral James Stavridis.
The Pentagon is taking a big new step to harden digital security for the US defense industry. I think we’ll look back on it as a “shot heard round the world” on cybersecurity for American industry more widely.
Undersecretary of Defense for Acquisition and Sustainment Ellen Lord has rolled out V1 of the Cybersecurity Maturity Model Certification program, or CMMC. It puts the DoD’s 300,000 suppliers and subcontractors on an “up or out” path to dramatically stronger digital security protocols.
Starting this fall, top suppliers will be required to prove compliance with CMMC’s increasingly stringent cybersecurity standards to even bid on new DoD contracts. In a handful of years, the entire $1 trillion defense sector will have to be in compliance.
We’ve all seen the vulnerability of industries across the board to cyber espionage and attack. For the US defense industrial base, that vulnerability means a direct challenge to US national security. I’m proud of the DoD, Ellen Lord, and the CISO in her office, Katie Arrington, for pulling together this major advance in the US defense industry’s cybersecurity.
My guess is this will come to be seen as a seismic shift, with American research universities, healthcare and finance industries following suit. The costs of cyber-vulnerability have simply become too high. From defense contractors to research centers to hospitals and traders, the risk entailed in unencrypted files and unencrypted emails is just too great.
I’m on the board of PreVeil, the leading end-to-end encryption company for email and file-sharing, and I’ve seen the power of top-flight encryption to secure digital defenses. PreVeil’s CMMC whitepaper shows a pragmatic roadmap to put defense industry suppliers in compliance with the DoD’s new CMMC requirements. I believe key elements of the higher standard of cybersecurity now being promoted by the DoD will before long become the everyday expectation for many industries and individuals, and we will look back on the vulnerability and exposure of private data of all kinds over this last decade with dismay.
Here’s a salute to the DoD for leading the way!
CMMC: The DoD’s Big Move on Cybersecurity
By: Orlee Berlove, reviewed by Noël Vestal, PMP, CMMC RP
Noël Vestal is a CMMC Certified Professional and CMMC RP with over 15 years in DoD IT program management. She implemented the NIST 800-171/CMMC Level 2 compliance program for an OSC member of the DIB. She has her Master of Science (M.S.) in Information Technology and holds certifications from the CMMC Accreditation Body (CMMC AB) as a CMMC Certified Professional (CCP), CMMC Registered Practitioner (RP), and CMMI Associate, and holds additional certifications including Project Management Professional (PMP) and CompTIA’s Security+ certification.
Orlee Berlove has been a marketing leader for over 25 years, and is currently the Senior Director of Marketing at PreVeil. She has her Masters of Engineering, Operations Research and her Bachelor of Arts from Cornell University.