CMMC announces new advisory council to collect industry feedback


The governing body for the Defense Department's cybersecurity compliance program has launched a new organization charged with getting defense contractors' feedback on the implementation process.

The CMMC advisory council will "provide a crystallizing, unified voice" for defense contractors seeking certification and "supply key feedback, input and recommendations for implementing CMMC" said Karlton Johnson, the chair of the CMMC Accreditation Body.

The council is separate from the board of directors and will operate between the defense industry base, the CMMC Accreditation Body and the Defense Department.

"The [industry advisory council] will serve as a crucible for industry dialogue, bringing the best and brightest together to address cyber readiness challenges in the [defense industry base] and strengthen CMMC to its maximum potential," Johnson said in a statement announcing the move on April 6.

Johnson told FCW via email the council will provide public reports on feedback and recommendations at least annually. The AB is also planning to add town hall sessions dedicated to the IAC once it's operational.

"Once operational, we anticipate a focused town hall session on the IAC periodically. Since we started public town halls the last Tuesday of every month, we will establish a more regular calendar of rotating topics throughout the year focused on" the CMMC's various components including third party assessment organizations (C3PAOs).

One of the first issues the council will likely target, Johnson said, will be the cost of CMMC's implementation.

"One area that has garnered a lot of interest recently has been the true cost of compliance," Johnson said. "The IAC can serve as the central collection mechanism for real implementation, assessment and remediation cost to become certified for large and small businesses alike."

Yong-Gon Chon, who serves as the CMMC board's treasurer, will lead the council and serve as a facilitator. The council has 12 members from across industry.

About the Author

Lauren C. Williams is senior editor for FCW and Defense Systems, covering defense and cybersecurity.

Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.

Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at [email protected], or follow her on Twitter @lalaurenista.

Click here for previous articles by Wiliams.


  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected