Special Offers
- IGI Global’s New Emerging Topic e-Book Collections
  Acquire highly focused and affordable Cutting-Edge Peer-Reviewed Research Content through a selection of 17 topic-focused e-Book Collections discounted up to 90%, compared to list prices. Collection topics include Artificial Intelligence, Data Science, Language Learning, Marketing and Customer Relations, Sustainability, and many more. Hosted on the InfoSci^® platform, these collections feature no DRM, no additional cost for multi-user licensing, no embargo of content, full-text PDF & HTML format, and more.
  Learn More
- Open Access Book (Free Access) - Encyclopedia of Information Science and Technology, Sixth Edition (ISBN: 9781668473665)
  The Encyclopedia of Information Science and Technology, Sixth Edition) continues the legacy set forth by the first five editions by providing comprehensive coverage and up-to-date definitions of the most important issues, concepts, and trends pertaining to technological advancements and information management within a variety of settings and industries. The entire book is being published under open access.
  Read Now
- Open Access Book (Free Access) - Food Sustainability, Environmental Awareness, and Adaptation and Mitigation Strategies for Developing Countries (ISBN: 9781668456293)
  Food Sustainability, Environmental Awareness, and Adaptation and Mitigation Strategies for Developing Countries provides information on the recent technology, mitigation, and environmental protection that must be applied for food sustainability in developing countries. This book is being published under Platinum Open Access through funding from Diponegoro University, Indonesia.
  Read Now
- Open Access Book (Free Access) - New Models of Higher Education: Unbundled, Rebundled, Customized, and DIY (ISBN: 9781668438091)
  The Walmart Corporation and the Lumina Foundation have provided funding to make New Models of Higher Education: Unbundled, Rebundled, Customized, and DIY fully open access, completely removing any paywall between scholars in education and the latest research on new models for the future of higher education.
  Read Now
- Open Access Book (Free Access) - Handbook of Research on the Global View of Open Access and Scholarly Communications (ISBN: 9781799898054)
  Through a collaboration between IGI Global and the University of North Texas, the Handbook of Research on the Global View of Open Access and Scholarly Communications has been published as fully open access, completely removing any paywall between researchers of any field, and the latest research on the equitable and inclusive nature of Open Access and all of its complications.
  Read Now
Books
- - Books by Subject
  - Business, Administration, & Management
  - Scientific, Technical, & Medical (STM)
  - Education
  - Books by Field
Journals
- - Journals
  - OnDemand Journal Articles
  - Journals by Subject
  - Business, Administration, & Management
  - Scientific, Technical, & Medical (STM)
  - Education
  - Journals by Field
e-Collections
OnDemand
Open Access
- View All Open Access Opportunities
  Search across all of IGI Global’s available open access publishing opportunities to unleash your research potential.
  Find an Open Access Journal for Your Next Manuscript
  Search across all of IGI Global’s available open access publishing opportunities to unleash your research potential.
  Submit an Open Access Book Proposal
  Learn more about open access book publishing and how it can propel your research forward in the field.
  Convert Your Work to Open Access
  Already published? You can convert your work to open access to increase its impact through IGI Global’s Restrospective Open Access Program.
  Utilize Open Access Collection Database
  Open up your research potential by utilizing our open access content or integrating the open access collection into your library
  Consider Open Access Agreements
  For Libraries: consider no-cost or investment-level open access agreements with IGI Global to support your faculty's research endeavors.
  Search Funding Resources
  Looking for additional funding resources to support your open accesss endeavors? View industry resources compiled by our open access team.
  Review Open Access Policies & Ethical Guidelines
  Considering IGI Global to publish your work under open access? Review IGI Global’s open access policies and ethical guidelines
Publish with Us
Resources
- - Instructors
  - Course Adoption
  - Teaching Cases
  - K-12 Online Learning Collection
  - Authors and Editors
  - eEditorial Discovery^® System
  - Peer Review Process
  - Ethics and Malpractice
  - COPE Membership
  - Fair Use Policy
  - Open Access Publishing
  - FAQ
Catalogs
About Us

An Analysis of the Design of the Cybersecurity Maturity Model Certification (CMMC) and Its Direct Effect on Supply Chain Management

Source Title: Real-World Solutions for Diversity, Strategic Change, and Organizational Development: Perspectives in Healthcare, Education, Business, and Technology

DOI: 10.4018/978-1-6684-8691-7.ch014

OnDemand:

(Individual Chapters)

Available

$37.50

Current Special Offers

No Current Special Offers

Abstract

This chapter addresses the rationale behind commissioning the Cybersecurity Maturity Model Certification by the Department of Defense to address critical supply chain issues that directly affect services provided by contractors. The fourth pillar of cybersecurity was added to the existent three-pillar model (cost, schedule, and performance) to significantly lower risk to the supply chain. Scenarios addressed in the chapter identify the need for its immediate implementation. Recommendations were made based on the literature about informing the supply chain community of the impact of cybersecurity's lack of awareness on its overall effect on business continuity and impact.

Chapter Preview

Top

I. Introduction

The Department of Defense (DoD) is the world's largest consumer of goods and services. As the global economy becomes more interconnected, the DoD is increasingly vulnerable to supply chain disruptions and cyber-attacks from malicious actors. To protect its supply chains, the DoD has developed the Cybersecurity Maturity Model Certification (CMMC) program, designed to establish a baseline of cybersecurity standards for its contractors and vendors.

This chapter’s objective is to discuss the causes for the DoD to commission and implement the CMMC to address the gaps in supply chain management at the executive levels of the United States (US) government. It will also provide an overview of the CMMC program, examine the implications of the CMMC standard on the DoD’s supply chains, and suggest potential future improvements. Furthermore, the chapter addresses the rationale for adding cybersecurity as the fourth pillar of the acquisitions cycle. Cyber-attacks have increased worldwide as they interrupt businesses and government operations, leading to massive ransomware payouts and damaged corporate reputations. As a result, cybersecurity threats and attacks have recently become a vital issue for the Department of Defense (DoD).

Methodology

The methodology used in this chapter will be a review of the literature related to the CMMC and the DoD’s role in cybersecurity. The literature review will include published works such as books, journal articles, and other scholarly sources. The literature review will discuss the rationale behind the DoD commissioning and implementing the CMMC, the importance of the DoD’s role in cybersecurity, the various aspects of the CMMC, and how it is beneficial for the DoD and its business vendors and contractors.

Significance of the Study

The DoD’s need for the CMMC program can be traced back to several security gaps in its supply chains. In 2017, the Government Accountability Office (GAO) found that the DoD could not properly track, monitor, and secure the supply chain due to insufficient information about vendors and contractors (Pacheco, 2017). This lack of visibility made it difficult for the DoD to identify and mitigate potential security risks. As a result, the DoD has been increasingly vulnerable to cyber-attacks from malicious actors and supply chain disruptions from external factors. This study offers specific background to answer the current environment to set a baseline of metrics for Supply Chain Management awareness and the influence of policy and future amendments to adapt to the evolving threat matrix with increased risk.

Purpose of the Study

This chapter aims to inform the supply chain community of the impact of cybersecurity's lack of awareness on its overall effect on business continuity and impact. Therefore, additional recommendations conclude this article for consideration.

Definitions

Covered contractor. A covered contractor information system is owned and operated by a contractor that manages, supplies, or conveys Federal contract data (Office of the Under Secretary of Defense, 2022).
Federal contract information. Federal contract information provides, develops, and delivers government contracts. However, it does not include information the government provides to the public on open websites or simple transactional data needed to manage payments (Office of the Under Secretary of Defense, 2022).
Information system. An information system is a separate set of information resources organized for storing, managing, preserving, utilizing, communicating, distributing, or discarding information (Office of the Under Secretary of Defense, 2022).
Safeguarding. Safeguarding means measures or controls prescribed to protect information systems (Office of the Under Secretary of Defense, 2022).
Supply chain. A supply chain combines the ecology of supplies needed to create, produce, and circulate a product. For example, a supply chain in cybersecurity includes hardware and software, cloud, or local storage capacity and distribution devices (European Union Agency for Cybersecurity, 2021b).

Complete Chapter List

Search this Book:

Reset

MLA

APA

Chicago

Export Reference