March 10, 2020 | International, C4ISR, Security

The Pentagon’s first class of cybersecurity auditors is almost here

Mark Pomerleau

The Pentagon hopes to have the first class of auditors to evaluate contractors' cybersecurity ready by April, a top Department of Defense official said March 5.

The auditors will be responsible for certifying companies under the new Cybersecurity Maturity Model Certification (CMMC), which is a tiered cybersecurity framework that grades companies on a scale of one to five. A score of one designates basic hygiene and a five represents advanced hygiene.

Currently, there are no auditors — known as Certified Third-Party Assessment Organizations (C3PAO) — as the accreditation board came about officially in January.

“Our goal is to have, in late April, our pilot pathfinder on the training for the C3PAOs,” Katie Arrington, chief information security officer for the Office of the Under Secretary of Defense for Acquisition, said at an event hosted by DreamPort in Columbia, Maryland.

The accreditation board is working on training the auditors and on the accompanying training materials.

Arrington said just because there aren't any auditors already working doesn't mean companies shouldn't be getting ready.

“You've got to get prepared for the audit,” she said. “You should be able to say ‘I think I've done my self assessment, I think I'm at this CMMC level.' Waiting for the audit to come in and then decide to get good or to get on track is not the way I would position my business.”

If all goes according to plan, all new contracts in 2025 will feature the security requirements.

Arrington also suggested that the framework has received interest outside the DoD.

“Do I think that other federal agencies are getting on board? Yes they are. They're waiting for me to get through my pathfinder,” she said.

She also referred to comments made by Under Secretary of Defense for Acquisition and Sustainment Ellen Lord, who explained that nearly a dozen nations and international organizations are interested in adopting CMMC.

https://www.fifthdomain.com/dod/2020/03/09/the-pentagons-first-class-of-cybersecurity-auditors-is-almost-here/
