Maintaining compliance with government regulations can be daunting for many companies. This is especially true when it comes to the Cybersecurity Maturity Model Certification (CMMC), which requires Department of Defense (DoD) contractors to implement specific security controls in order to protect sensitive data pertaining to national security.
On November 4, 2021, the Department of Defense (DoD) announced a massive overhaul of the Cybersecurity Maturity Model Certification (CMMC 1.0) program. The new framework, dubbed CMMC 2.0, is still being finalized and not yet publicly available, raising a lot of questions for many Defense Industrial Base (DIB) contractors and subcontractors about how they’ll need to adjust.
The Department of Defense’s (DoD) announcement of revamping their Cybersecurity Maturity Model Certification (CMMC) program has left many contractors trying to understand how the update will affect their compliance needs and audit requirements. To offer clarity and guidance on the new framework, we put together a list of the top five questions companies have been asking about CMMC 2.0.
On November 4, 2021, the Department of Defense (DoD) announced several changes to the Cybersecurity Maturity Model Certification (CMMC) program, now referred to as CMMC 1.0. CMMC 2.0, the updated version of the framework, is a culmination of the DoD’s months-long internal review of CMMC 1.0’s implementation and significant changes to the program’s strategic direction.
Last week, the U.S. Department of Defense came out with updates to CMMC the framework. The aim of the updates, labeled "CMMC 2.0", is to provide strategic direction following an internal program assessment by the Department leaders. The revision still maintains the compliance's goal of safeguarding sensitive information, while simplifying the standards it follows.
For many contractors working for the Department of Defense (DoD), the Cybersecurity Maturity Model Certification (CMMC) is nothing more than just another headache. Adopting a new set of cybersecurity standards is no joke, especially for companies that have already invested an enormous amount of effort to comply with the requirements of NIST 800-171 and the Defense Federal Acquisition Regulation ...
Cyberattacks pose a serious threat to national security, and defense contractors should start preparing now for the new wave of legislation being introduced to guard against those threats. With CMMC audits expected to start taking place by the end of the year, potential and existing DoD contractors are running out of time to prepare for their CMMC applications.
The Department of Defense (DoD) is expecting all companies working in its industrial base to comply with the requirements of the Cybersecurity Maturity Model Certification (CMMC) Version 1.0 by next year. This is part of the Pentagon's plan to safeguard controlled unclassified information (CUI) and industrial base networks from cyberattacks.
The Cybersecurity Maturity Model Certification (CMMC) is a unified cybersecurity standard for protecting controlled unclassified information (CUI) pertaining to the Department of Defense. The DoD has one of the world’s biggest supply chains, spanning over 300,000 organizations. Any organization that’s part of that supply chain in any capacity, or is considering signing off contracts with the DoD ...
The official CMMC requirements, released in January 2020, specifies that organizations in the defense supply chain will need a third-party security assessment before they are awarded a certification. The first round of assessors is now in the process of being trained, and it’s likely that the first CMMC audits will be carried out early next year or possibly earlier. Despite the ongoing pandemic, ...