A Stepping Stone to Cyber Solutions at the Pentagon
Dave Bailey, Vice President of Security Services at Redspin, explains the Department of Defense's Joint Surveillance Program, which allows companies to achieve Cybersecurity Maturity Model Certification (CMMC) before the official rulemaking is finalized. This voluntary assessment ensures that companies have the necessary cybersecurity measures in place to protect sensitive information. Bailey highlights the benefits of participating in this program early, as it provides a preparatory phase where companies can rectify minor issues within 180 days, aligning with eventual CMMC standards.
Bailey also discusses the long-term nature of the CMMC certification process, emphasizing that it's not a one-time event but a continuous commitment to maintaining robust cybersecurity practices. This ongoing certification ensures that companies remain compliant and capable of protecting sensitive data against evolving cyber threats.
Key Takeaways:
- Joint Surveillance Program: Provides an opportunity for DoD companies to get certified under CMMC before the official rulemaking, ensuring they have essential cybersecurity practices in place.
- Preparation and Readiness: Companies participating in the program can address minor findings within 180 days, aligning with the final CMMC requirements.
- Long-Term Certification Process: Emphasizes that CMMC certification is an ongoing journey, requiring companies to continuously demonstrate and maintain cybersecurity standards.