DOD Cybersecurity Certification Body Moving Forward Despite Uncertain Funding – By Mariam Baksh (Nextgov) / Sept 11 2020
It’s unclear where money for crucial tools such as continuous monitoring will come from.
The first class of assessors being trained by a volunteer accreditation body established to implement the Defense Department’s Cybersecurity Maturity Model Certification program should start receiving approval within the coming week, but may not have access to continuous monitoring to conduct initial audits, as the organization struggles to fund its operations.
“We don’t have any external funds to pay for things that we needed, whether it was continuous monitoring, whether it was staff, whether it was insurance, all the normal business things we needed,” said Chris Golden, a member of the board of directors for the accreditation body, or AB. “We’ve been struggling spending a significant amount of our time trying to figure those things out versus figuring out what the ecosystem is going to look like and training people and getting assessments going and those kinds of things.”
Golden spoke along with Robert Metzger, an attorney who co-authored the MITRE report “Deliver Uncompromised” and has been a member of the Defense Science Board, during an event Friday hosted by the cybersecurity ratings company BitSight. BitSight has submitted a response to the accreditation body’s request for proposal for a continuous monitoring solution, vice president of communications and government affairs Jake Olcott told Nextgov.
Continue to article: https://www.nextgov.com/cybersecurity/2020/09/dod-cybersecurity-certification-body-moving-forward-despite-uncertain-funding/168424/