Tags Stacy Bostjanick

Working out arrangements with foreign partners is 'next hurdle’ for CMMC implementation


"We've had a couple of countries to date that have balked at the prospect of a U.S. person coming and doing an assessment on their soil," Stacy Bostjanick said.

DOD planning to use NIST 800-171 as evaluation criteria for contracts prior to CMMC rule


The NIST standards have been part of federal law for contractors for several years, but until now, contracting officers have been "lackadaisical" about enforcing them, said the head of DOD's CMMC program.

DOD exploring requirements for managed service providers under CMMC


The Department of Defense has created a new framework of cybersecurity requirements and certifications contractors must achieve under the Cybersecurity Maturity Model Certification (CMMC). But what about the DOD contractors that mostly outsource their IT and cybersecurity to managed service providers? The Pentagon’s CMMC leadership, now housed in its Office of the CIO, is planning to meet soon to address potential requirements for managed service providers under the CMMC framework…