The Cybersecurity Maturity Model Certification Advisory Board’s rough month continues. Ty Schieber, the chairman of the CMMC-AB, and Mark Berman, the chairman of the communications committee, are leaving the board unexpectedly.
Rumors have been swirling over the last week about a shakeup on the board.
A Defense Department spokesperson confirmed Schieber and Berman are leaving, and Karlton Johnson will be the new chairman.
“We thank Ty Schieber, chairman, and Mark Berman, communications director, for their thoughtful leadership,” the spokesperson said. “We look forward to a continued strong relationship moving forward.”
Johnson also confirmed that Schieber and Berman are leaving.
“Mr. Schieber and Mr. Berman both issued their resignations to the board. They were enormously proud of and grateful for what they did for the AB team in setting the conditions for our ongoing success since our start in January 2020,” Johnson said in an email to Federal News Network. “They were thankful for the great personal commitment and sacrifice made by each member of the board, and conveyed that it was a privilege to serve in this endeavor. Ty communicated that he felt it was time for a change in leadership to inject refreshed perspectives and energy as the initiative enters the next phase. He also communicated that he would never waiver in his staunch support to both the CMMC and the CMMC-AB, and he wished the team the absolute best in its continued efforts to ensure the security of the Defense Industrial Base.”
Schieber has led the board since DoD helped establish it in January 2020. Berman has been the lead spokesperson for the board’s goals and actions.
Both have come under fire lately for missteps of the board. It published a partner program concept, that some called pay for play, that seem to want to charge as much as $500,000 as a way to promote certain companies over others.
The AB released a statement downplaying the partnership idea saying, “the CMMC-AB will not accept sponsorship or partnership funds from government contractors subject to CMMC certification.”
Still, many in the community believe the damage was done and the push for Schieber and Berman to leave grew stronger.
Berman also had to walk back similar mistakes when the board accidentally released details of the assessment and certification processes before it was ready.
Schieber and Berman become the third and fourth members of the board to leave in six weeks. In early August, John Weiler, CEO of the IT Acquisition Advisory Committee (IT-ACC), and Jim Goepel, the CEO and general counsel for Fathom Cyber LLC, are no longer listed on the main board of directors section.
Despite the missteps, the CMMC-AB continues to make progress to get assessors trained and putting the pieces together to make the cyber standards go from idea to operational initiative.
DoD released the CMMC standards in January with a plan to get it operational in early fiscal 2021 with 10-to-15 pathfinder solicitations.