Cybersecurity Dive reports that only 1% of U.S. defense contractors expressed total readiness for Cybersecurity Maturity Model Certification evaluations once the program is implemented next month.Findings from a CyberSheath survey showed that preparedness remains uneven, with fewer than half of respondents having implemented required security controls or completed necessary documentation, such as system security plans and plans of action and milestones.Adoption of key security measures remains limited. Only 22% have patch-management systems, 25% have endpoint detection and response tools, 27% use multifactor authentication, and just 29% of contractors have reliable backup systems. Supplier Performance Risk System scores, which are required for full compliance, remain a concern, as none of the surveyed contractors reached the required score of 110, and 17% still reported negative scores.The survey also highlighted the potential consequences of delay. CyberSheath noted that as CMMC moves from policy to procurement, "the cost of delay is no longer measured only in lost contracts but in the exposure of sensitive national security information."
Critical Infrastructure Security
Contractor readiness for DoD’s cybersecurity program lagging

(Defense Department)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



