Yesterday, the OMB’s Office of Information and Regulatory Affairs (OIRA) announced that it had approved a notice of proposed rulemaking (NPRM) for the DOD’s “Cybersecurity Maturity Model Certification (CMMC) Program”. The NPRM was sent to OIRA on July 24th, 2023. Guidance documents for the program were approved last week.
According to the Spring 2023 Unified Agenda entry for this
rulemaking:
“DOD is proposing to implement the
Cybersecurity Maturity Model Certification (CMMC) Framework, to help assess a Defense Industrial Base
(DIB) contractor’s compliance with and implementation of cybersecurity requirements
to safeguard Federal Contract Information (FCI) and Controlled Unclassified
Information (CUI) transiting non-federal systems and mitigate the threats posed
by Advanced Persistent Threats--adversaries with sophisticated levels of
expertise and significant resources.”
Posts
No comments:
Post a Comment