The board overseeing the Defense Department’s Cybersecurity Maturity Model Certification is losing two members, which leaders of the board say is part of the normal churn of an all-volunteer organization.
- Eric Crusius, Partner at Holland & Knight, agrees the churn makes sense given the board’s all-volunteer status.
- Crusius said it’s possible private sector companies not doing business with the federal government will have to get a CMMC certification and that it “seems like we’re moving in that direction as a country.”
- Crusius said a guidance document about FedRAMP authorization reciprocity will probably be out near the end of the fiscal year.