DHS announces ‘pathfinder assessment’ to review Pentagon cyber certification program

The Department of Homeland Security is looking into the Pentagon’s cyber certification program for defense contractors through a “pathfinder assessment,” exploring ways to improve the “cyber hygiene” practices of contractors who do business with DHS.

DOD’s Cybersecurity Maturity Model Certification program establishes a “trust by verify” approach to ensure defense contractors are protecting controlled unclassified information by requiring companies to pass an independent assessment evaluating their compliance with NIST Special Publication 800-171 and other controls in the CMMC model. There...