DOD acquisition leaders: CMMC will be ‘foundational’ to other supply chain initiatives across government

The rollout of the Pentagon’s Cybersecurity Maturity Model Certification program is one of several lines of effort at the Defense Department’s acquisition office addressing supply chain risk management, according to Pentagon acquisition leaders who described the multifaceted approach in an exclusive interview.

“Our team at the Department of Defense is working on a supply chain risk management strategy with the whole of the department,” DOD acquisition CISO Katie Arrington told Inside Cybersecurity. “We are spearheading it. CMMC is a baseline...