The Cybersecurity Maturity Model Certification (CMMC) is the latest verification method put in place by the Department of Defense (DoD). This certification is the Department's first attempt to set clear requirements for contractors when it comes to cybersecurity. The ultimate goal of the CMMC is to implement an appropriate level of cybersecurity across the supply chain of the defense industrial base (DIB). The DIB supply chain includes more than 300,000 companies, all of which are responsible for protecting unclassified information (CUI) under the CMMC.
The US DoD recognizes that information security is a foundational requirement for the Defense Industrial Base (DIB) supply chain. As such, the US DoD is committed to developing and requiring a consolidated Cybersecurity standard to identify required security practices and controls through the DoD Acquisition process beginning in late 2020.
CMMC will define 5 levels of cybersecurity readiness, which all US DoD contracts will invoke on the DIB supply chain. It is estimated that over 300,000 DIB contractors will be affected throughout the 3 to 5 year roll-out, with most requiring a Level 1 through Level 3 certification.
CMMC have launched a 'Path to an Accreditation Ecosystem' timeline - download it here.
Helps you with
US DoD Contract Compliance (FAR 52.204-21 & DFARS 252-204-7012)