CMMC
Contact Us Today for Your PreAssessment
The Cybersecurity Maturity Model Certification (CMMC) is here. It’s being rolled out for the 300,000 non-federal organizations that make up the Pentagon’s supply chain in a staged fashion over the next five years. But organizations should not wait to prepare- especially considering one aspect of CMMC which requires evidence of a culture of cybersecurity.
Per the Office of the Under Secretary of Defense:
​
-
The CMMC will review and combine various cybersecurity standards and best practices and map these controls and processes across several maturity levels that range from basic cyber hygiene to advanced. For a given CMMC level, the associated controls and processes, when implemented, will reduce risk against a specific set of cyber threats.
-
The CMMC effort builds upon existing regulation (DFARS 252.204-7012) that is based on trust by adding a verification component with respect to cybersecurity requirements.
-
The goal is for CMMC to be cost-effective and affordable for small businesses to implement at the lower CMMC levels.
-
Authorized and accredited CMMC Third Party Assessment Organizations (C3PAOs) will conduct assessments and issue CMMC certificates to Defense Industrial Base (DIB) companies at the appropriate level.