Speaking of Certification for maturity model of cybersecurity, this is a term that defines the next phase of the effort of the Sector of Defense of Defense to appropriately secure the DIB or Defense Industrial Base. What we are talking about here was the announcement made by the Sector of Defense last month wherein they mentioned about developing a valuation certification and model program for cybersecurity as well as certification program. It has been said that the statement was a signal provided by the Sector of Defense to industries as a way of telling them to end the celebratory period.
This year is not the same with the past years wherein contracting authorities will only require an SSP and also, a POA&M as compliance to DFARS 252 point 204-7012 because things are no longer enough. What happens now is that contractors are evaluated in accordance with the application of definite technical control, aside from the policies and documentation they have. The said evaluation will result from a stage of certification that goes from one to five, with five indicating the most protected level. What this means is that when you company is certified highly, it will become qualified to bid on many deals.
Conferring to the information we gather from various institutions the government, the CMMC level of the requirement will affect all subcontractors. Additionally, the Headquarters of the Defense Under Secretary mandates all future RFP’s to possess a CMMC level regardless if they are handling pieces of information that are controlled and unclassified.
With regards to the presentation of the certification for maturity model of cybersecurity, the Headquarters of the Defense Under Secretary begin by trying the understanding of DIB regarding the current state of its cybersecurity of the report given by MITRE from the late two thousand eighteen. The report given by MITRE which is called Deliver Uncompromised state that almost all government contractors are not meeting the requirements of DFARS 7012 and so much more are not understanding the meaning of meeting the regulations. If you are wondering why the conference was held, well, that is because the Headquarters of the Defense Under Secretary wants everyone to know how those contractors tied to the government are breaking the rules and regulations. We also want you to know about how the report allows the government to know who among the contractors tied to them remain loyal and credible in their work and must be given the certification for maturity model of cybersecurity.
It is safe to assume that the said certification is vital and essential for the very reason that they allow contractors tied to the government to handle projects for them and even make legit bids. If a company has this, it only goes to show how they are abiding by the rules and regulations set by the government.