The Department of Homeland Security (DHS) wants to find a path forward to enhance its cyber hygiene practices. DHS is tracking progress on the Defense Department’s Cybersecurity Maturity Model Certification (CMMC) for lessons learned.
- Nick Sinai, senior advisor at Insight Partners and former deputy chief technology officer of the United States, said he is not convinced the “broad, heavyweight compliance regime” of CMMC is the best way to solve the problem it intends to address.
- The Pentagon designed CMMC to improve the cyber hygiene of defense contractors, which have high amounts of sensitive, unclassified information, explained Sinai.
- Sinai said it is important to account for dynamic systems and threats and avoid building a compliance system that is too static.