The US Department of Defense (DoD) works with over 100,000 companies and their subcontractors that are part of the Defense Industrial Base (DIB) sector. This sector “enables research and development, as well as design, production, delivery, and maintenance of military weapons systems, subsystems, and components or parts, to meet US military requirements.” Given the amount of money and highly ...

Maintaining compliance with government regulations can be daunting for many companies. This is especially true when it comes to the Cybersecurity Maturity Model Certification (CMMC), which requires Department of Defense (DoD) contractors to implement specific security controls in order to protect sensitive data pertaining to national security.

On November 4, 2021, the US Department of Defense (DoD) announced a massive revamp of the Cybersecurity Maturity Model Certification (CMMC 1.0) program. The new framework, dubbed CMMC 2.0, aims to eliminate red tape for small- and medium-sized businesses and strengthen cooperation between the DoD and contractors in addressing ever-evolving cyberthreats.

The Cybersecurity Maturity Model Certification (CMMC) guides organizations in building and strengthening their cybersecurity posture into manageable chunks. Apart from specifying controls that every Department of Defense (DoD) contractor and subcontractor must implement, the CMMC model also requires key cyber initiatives to ensure that data is protected on all fronts from unauthorized access. One ...

The Cybersecurity Maturity Model Certification (CMMC) framework is the basis for Department of Defense (DoD) efforts to safeguard controlled unclassified information (CUI) across its vast worldwide supply chain. This framework comprises 171 practices that are stacked across 17 domains and 43 capabilities, each of which belongs to one of the maturity levels in the model.

On November 4, 2021, the Department of Defense (DoD) announced a massive overhaul of the Cybersecurity Maturity Model Certification (CMMC 1.0) program. The new framework, dubbed CMMC 2.0, is still being finalized and not yet publicly available, raising a lot of questions for many Defense Industrial Base (DIB) contractors and subcontractors about how they’ll need to adjust.

The Cybersecurity Maturity Model Certification (CMMC) is a cybersecurity assessment program developed by the US Department of Defense (DoD). It is aimed at measuring the maturity of a defense contractor’s cybersecurity processes toward demonstrating compliance with standards for protecting federal contract information (FCI) and controlled unclassified information (CUI). 

The Department of Defense’s (DoD) announcement of revamping their Cybersecurity Maturity Model Certification (CMMC) program has left many contractors trying to understand how the update will affect their compliance needs and audit requirements. To offer clarity and guidance on the new framework, we put together a list of the top five questions companies have been asking about CMMC 2.0.

In January 2020, the US Department of Defense (DoD) launched the first version of the Cybersecurity Maturity Model Certification (CMMC 1.0) framework. This framework was created to ensure that appropriate cybersecurity measures were in place to protect the following types of information: 

On November 4, 2021, the Department of Defense (DoD) announced several changes to the Cybersecurity Maturity Model Certification (CMMC) program, now referred to as CMMC 1.0. CMMC 2.0, the updated version of the framework, is a culmination of the DoD’s months-long internal review of CMMC 1.0’s implementation and significant changes to the program’s strategic direction.