One Defense cybersecurity initiative from the Trump era is gaining steam in the Biden. That would be CMMC, the Cybersecurity Model Maturity Certification Program. In a program with many moving parts, all aimed at making sure Defense contractors can be trusted with controlled, unclassified information. Two cybersecurity companies in that CMMC ecosystem, found in a survey earlier this year that the program will be costly and difficult for contractors. To further discuss, Federal Drive with Tom Temin welcomed Apptega’s vice president of marketing, Scot McLeod and the director of consulting at SecureStrux, Thad Wellin.
Tom Temin: So this survey found that it’s kind of like prostate health, everybody wants it, but nobody wants to have the tests to go through what it takes to get there. So give us the highlights from what you found from, what about, 150 companies?
Scot McLeod: Sure, Tom. So to start, we found that over 80% of the contractors and subcontractors told us that CMMC is an important initiative to protect sensitive information in the DoD supply chain. And in fact, none of the participants indicated that it was not important. I think we’re very happy to see that there’s large, or broad scale agreement, that this is an important and necessary initiative.
Tom Temin: All right, but that’s where the ‘buts’…