• Advertise
  • Contact Us
  • About Us
  • Supplier Directory
  • SCB YouTube
  • Login
  • Subscribe
  • Logout
  • My Profile

  • CORONAVIRUS
  • LOGISTICS
    • Air Cargo
    • All Logistics
    • Express/Small Shipments
    • Facility Location Planning
    • Freight Forwarding/Customs Brokerage
    • Global Gateways
    • Global Logistics
    • Last Mile Delivery
    • Logistics Outsourcing
    • LTL/Truckload Services
    • Ocean Transportation
    • Rail & Intermodal
    • Reverse Logistics
    • Service Parts Management
    • Transportation & Distribution
  • TECHNOLOGY
    • All Technology
    • Artificial Intelligence
    • Cloud & On-Demand Systems
    • Data Management (Big Data/IoT/Blockchain)
    • ERP & Enterprise Systems
    • Forecasting & Demand Planning
    • Global Trade Management
    • Inventory Planning/ Optimization
    • Product Lifecycle Management
    • Sales & Operations Planning
    • SC Finance & Revenue Management
    • SC Planning & Optimization
    • Sourcing/Procurement/SRM
    • Supply Chain Visibility
    • Transportation Management
  • GENERAL SCM
    • Business Strategy Alignment
    • Education & Professional Development
    • Global Supply Chain Management
    • Global Trade & Economics
    • HR & Labor Management
    • Quality & Metrics
    • Regulation & Compliance
    • SC Security & Risk Mgmt
    • Supply Chains in Crisis
    • Sustainability & Corporate Social Responsibility
  • WAREHOUSING
    • All Warehouse Services
    • Conveyors & Sortation
    • Lift Trucks & AGVs
    • Order Fulfillment
    • Packaging
    • RFID, Barcode, Mobility & Voice
    • Robotics
    • Warehouse Management Systems
  • INDUSTRIES
    • Aerospace & Defense
    • Apparel
    • Automotive
    • Chemicals & Energy
    • Consumer Packaged Goods
    • E-Commerce/Omni-Channel
    • Food & Beverage
    • Healthcare
    • High-Tech/Electronics
    • Industrial Manufacturing
    • Pharmaceutical/Biotech
    • Retail
  • REGIONS
    • Asia Pacific
    • Canada
    • China
    • Europe
    • Latin America
    • Middle East/Africa
    • North America
  • THINK TANK
  • WEBINARS
    • On-Demand Webinars
    • Upcoming Webinars
  • PODCASTS
  • VIDEOS
  • WHITEPAPERS
Home » Watch: Meeting DOD’s New Cybersecurity Rules for Contractors
VIDEO

Watch: Meeting DOD’s New Cybersecurity Rules for Contractors

January 12, 2021
Robert J. Bowman, SupplyChainBrain

Chip Lilliewood, vice president of government programs and channels with Dun & Bradstreet, and Bill Solms, president and general manager of Qomplx Government Solutions, explain the new Cybersecurity Maturity Model Certification (CMMC), issued by the U.S. Department of Defense for all suppliers in the government’s defense industrial base.

The CMMC is a new certification standard that builds on existing DOD criteria for cybersecurity protection by government contractors, mostly in the form of the 800-171 mandates issued by the National Institute of Standards and Technology (NIST). What’s different is the requirement that suppliers must now be audited by a third-party assessment organization. Their own statements of compliance with the rules are no longer sufficient. Third parties must themselves be vetted by DOD’s Accreditation Body, and contractors can choose to be audited by any of the approved entities.

Accreditation is “a rigorous process,” says Lilliewood, involving significant expenditures of time and money on the part of prospective contractors. Through pre-assessment, they can determine where any gaps in their compliance measures might lie. In any case, he says, most contractors are well aware of the requirements they must meet in order to be part of the defense industrial base, no matter how onerous they might seem. The same goes for all subcontractors and third parties involved in the making of any relevant product; they must be individually and directly audited before achieving CMMC.

Red flags for DOD include insufficient security controls over the contractor’s data, including how it’s stored, segregated and managed — “things that make a company vulnerable to outside intrusion, and the ability for classified information to be extracted,” says Solms.

“This is not just a one-and-done process,” says Lilliewood. “It has to become part of continuous modeling, to ensure that risk thresholds are being continuously met.”

RELATED CONTENT

RELATED VIDEOS

Sourcing/Procurement/SRM Supply Chain Planning & Optimization Regulation & Compliance Supply Chain Security & Risk Mgmt Aerospace & Defense
  • Related Articles

    Savi Aids in Complying With New DOD Rules for Unique Item IDs

    New DOD Procurement Rules Ban Suppliers Using Chinese Telecom Tech

Robert J. Bowman, SupplyChainBrain

Podcast | Linking Planning and Execution for Real-Time Decision-Making

More from this author

Wake up to live
“Supply Chains in Crisis”
updates and the latest Supply Chain News!

Subscribe to our Daily Newsletter

Timely, incisive articles delivered directly to your inbox.

Popular Stories

  • 0620_NFT.png

    Can NFTs Be an Effective Tool for Supply Chain Visibility?

    Technology
  • The Craft Beer Boom: How to Satisfy Changing Consumer Tastes

    Shortages of Beer, Popcorn Join Supply Chain Crisis

    Global Supply Chain Management
  • FedEx

    FedEx Faces Big Changes as New Boss Confronts Higher Costs, Angry Contractors

    Last Mile Delivery
  • 0621_Burrito.png

    Chipotle Zeroes in on Supply Chain Traceability and Visibility

    Sourcing/Procurement/SRM
  • cyber crime

    The Cyber Blind Spot That Makes Every Supply Chain Vulnerable

    Regulation & Compliance

Digital Edition

Scb may 2022 sm

2022 Supply Chain ESG Guide

VIEW THE LATEST ISSUE

Case Studies

  • 3PL Doubles Productivity With Robots to Fulfill Medical Supply Orders

  • E-Commerce Company Cuts Order Fulfillment Time by 40%

  • Fashion Retailer Halves Fulfillment Time With Omichannel Automation

  • Distributor Scales Business by Integrating Warehouse Automaton Software

  • Fast-Growing Fashion Brand Scales E-Commerce Fulfillment With Whiplash

Visit Our Sponsors

Yang Ming Alithya Barcoding
Blue Yonder BNSF Logistics Generix
GEP GreyOrange Here
Honeywell Intelligrated IFM Inmar
Keelvar Kinaxis Korber
Liberty SBF Locus Robotics Logility
Lucas Systems Nvidia Old Dominion
ORTEC Parsyl QIMA
Redwood Logistics Saddle Creek Logistics Schneider Dedicated
Setlog Holding AG Ship4WD Shipwell
Tecsys TGW Systems Thomson Reuters
Tive Trailer Bridge Vecna Robotics
Verity
  • More From SCB
    • Featured Content
    • Video Library
    • Think Tank Blog
    • SupplyChainBrain Podcast
    • Whitepapers
    • On-Demand Webinars
    • Upcoming Webinars
  • Digital Offerings
    • Digital Issue
    • Subscribe
    • Manage Your Subscription
    • Newsletters
  • Resources
    • Events Calendar
    • SCB's Great Supply Chain Partners
    • Supplier Directory
    • Case Study Showcase
    • Supply Chain Innovation Awards
    • 100 Great Partners Form
  • SCB Corporate
    • Advertise on SCB.COM
    • About Us
    • Privacy Policy
    • Contact Us
    • Data Sharing Opt-Out

All content copyright ©2022 Keller International Publishing Corp All rights reserved. No reproduction, transmission or display is permitted without the written permissions of Keller International Publishing Corp

Design, CMS, Hosting & Web Development :: ePublishing