Why AI Supply Chain Risk Is a DoD Priority Now
Defense agencies are no longer just concerned about classified data — they're worried about what your AI vendor put in the model.
The DoD's concern with AI supply chain risk stems from a basic reality: if your AI system fails, the mission fails. Whether it's a model trained on unvetted data, a third-party API that ghosts mid-operation, or a vendor that can't explain how their algorithm makes decisions — those are all gaps adversaries can exploit.
DFARS clause 252.204-7012 already mandates safeguarding covered defense information. The emergence of AI as critical DoD infrastructure adds a new surface area. CMMC 2.0 was built to address exactly this expanded threat model.
What CMMC Level 2 Actually Means for AI Adopters
CMMC Level 2 is not a checkbox exercise. It's 110+ security requirements derived from NIST SP 800-171, many directly applicable to AI systems. The table below maps CMMC domains to the AI-specific risks that defense contractors most commonly face during assessment.
| CMMC Domain | AI-Specific Risk | What You Need to Show Assessors |
|---|---|---|
| Access Control (AC) |
Who can query the model?
Models accessed by too many users; no role-based limits on inference, retraining, or configuration changes.
AI systems often bypass traditional access controls by treating inference as "read-only." That's not a safe assumption. |
Access control policy Role-based access to model endpoints, RBAC for retraining/updates, documented approval workflows for model changes. |
| Audit & Accountability (AU) | No logs on AI requests or model changes Untracked inference calls, missing model version history, no accountability trail for outputs that fed into DoD decisions. | Query logging + model version tracking Evidence of inference audit logs, model checkpoint/version records, change history for all model updates. |
| System & Communications Protection (SC) | API calls to third-party AI leak data Unencrypted inference requests, data residency violations, third-party model providers with unclear data handling policies. | Encryption in transit + data residency controls TLS enforcement on all AI API calls, data handling agreements with AI vendors, FedRAMP authorization documentation. |
| Risk Assessment (RA) | Third-party AI vendor never assessed No FISMA categorization, no FedRAMP authorization, no security assessment of the AI vendor's SDLC or data practices. | AI vendor security packages Vendor security questionnaires, SDLC documentation, evidence of third-party assessments or authorizations. |
| Configuration Management (CM) | Model updated with no change control Informal model updates, no rollback capability, no approval process for retraining jobs that could alter model behavior. | Model versioning + change control Model cards, configuration baselines, approval workflows for retraining, documented rollback procedures. |
The pinch point for most defense contractors isn't policy — it's documentation. CMMC assessors want to see evidence of your processes, not just your intentions. For AI systems, that means model cards, data lineage records, and vendor security packages assembled before the assessment window opens.
NIST AI RMF: A Complementary Framework, Not a Replacement
NIST released the AI Risk Management Framework (AI RMF 1.0) in January 2023. It's voluntary — unlike CMMC — but DoD contracting officers are increasingly referencing it in RFP language.
Where CMMC is a compliance exercise, NIST AI RMF is a thinking framework. It breaks AI risk into four functions:
- Govern — Build organizational AI risk tolerance into policy
- Map — Profile your AI systems and their failure modes
- Measure — Quantify AI risk with metrics (bias, robustness, transparency)
- Manage — Act on risk, monitor continuously
The practical overlap: organizations that already have CMMC controls in place for Govern and Manage functions are 60–70% of the way toward satisfying NIST AI RMF requirements. You're not starting from scratch — you're overlaying a more AI-specific lens on controls you may already have. Learn more about NIST framework alignment →
How a vCISO Engagement Accelerates Certification
Most mid-tier defense contractors don't have a full-time CISO. Trying to啃 CMMC Level 2 with part-time IT staff is how companies miss their certification windows — or worse, get assessed and fail with a remediation bill that's double what proactive work would have cost.
A vCISO engagement focused on AI governance delivers three things that self-guided programs can't:
- Gap assessment in weeks, not months. A vCISO with CMMC experience maps your current posture to the 110 controls in days, identifies AI-specific gaps, and builds a remediation roadmap with priority ordering.
- Documentation that stands up to assessment. Policy documents, evidence artifacts, and SSP updates built to C3PAO audit standards — not internal "good enough" drafts.
- AI-specific risk framing. A vCISO who understands both NIST AI RMF and DoD contracting language can translate your model risk into terms the DCSA inspector will recognize.
The right vCISO isn't a consultant with a slide deck. They're embedded in your program long enough to carry you through assessment — from gap analysis through C3PAO review.
Ready to get certified?
Altiri's AI Security practice works with defense contractors navigating CMMC Level 2 and NIST AI RMF requirements. Let's map your current posture and build a path forward.