As more resources move to the cloud and users increasingly work remotely, the National Security Agency issued new cybersecurity guidance. It had a line of particular importance for those companies that must meet CMMC compliance.
“NSA strongly recommends that a zero-trust security model be considered for all critical networks within National Security Systems, the Department of Defense’s critical networks, and Defense Industrial Base critical networks and systems,” the agency wrote in a February report.
The zero-trust model will evolve contractors’ compliance strategies as the CMMC rollout continues but could be key for companies outside the DIB also, because CMMC compliance may soon be required for a larger scope of contractors. The General Services Administration’s (GSA) STARS III solicitation states, “(w)hile CMMC is currently a DOD requirement, it may also have utility as a baseline for civilian acquisitions.”
Keith Nakasone, former deputy assistant commissioner of acquisition management for the GSA, will join CMMC Con to address how CMMC may soon be a requirement for all federal contracts.
Nakasone joined VMware as a federal strategist in June, after spending more than four years with the GSA. There, he oversaw roughly 300 procurement personnel and contracts worth more than $30 billion per year. Nakasone, who has 32 years of government experience, previously had senior procurement roles at the Federal Communications Commission and Defense Information Systems Agency.
Nakasone will join CyberSheath Vice President of Security Services Carl Herberger for a question and answer session on CMMC and supply chain security for all small companies working as contractors for the U.S. government. Register for CMMC Con 2021 now to join the discussion and learn how CMMC applies beyond the DOD.