John Sherman, chief information officer at the Department of Defense and a 2022 Wash100 Award winner, said he wants to ramp up engagements with small and medium-sized businesses and clarify requirements under the second iteration of the Cybersecurity Maturity Model Certification program as part of efforts to elevate the “waterline” of DOD’s cybersecurity defenses, Breaking Defense reported Wednesday.
“It means raising the waterline of cybersecurity across the DoD to keep the Chinese and Russians and other potential adversaries away from our critical data,” Sherman said of CMMC 2.0 at a conference.
“This is basic hygiene to raise the water level to make sure we can protect our sensitive data so that when our service members have to go into action, they’re not going to have an unfair position because our adversary’s already stolen key data and technologies that’ll put them at an advantage,” he added.
Sherman also highlighted the importance of the CMMC 2.0 program to the Pentagon.
“There’s a cost to your IP, there’s a cost to the US government and there’s a benefit to our adversaries if we don’t do something like this,” he said of the cyber certification program.
In early February, Deputy Defense Secretary and 2022 Wash100 awardee Kathleen Hicks ordered the transfer of the CMMC program from the office of the undersecretary of defense for acquisition and sustainment to Sherman’s office as part of a realignment effort.
Sherman will keynote the Potomac Officers Club’s 3rd Annual CIO Summit, scheduled for April 26. Visit the Potomac Officers Club site to learn more about this event and view POC’s full calendar.