The Cybersecurity Maturity Model Certification, or CMMC, has been a topic of conversation for a few years within the Defense Industrial Base (DIB). CMMC is a unified standard for implementing cybersecurity across the DIB, which includes over 300,000 companies in the supply chain. The CMMC is the DoD’s response to significant compromises of sensitive defense information located on contractors’ information systems. The US Department of Defense (DoD) released the much-anticipated Cybersecurity Maturity Model Certification (CMMC) version 1.0•• on January 31, 2020. Since then, CMMC has undergone much scrutiny and discussion. Here is a timeline of CMMC:
September 2020: The CMMC program published by the DoD (now known as CMMC 1.0). This framework assesses a Defense Industrial Base (DIB) contractor’s compliance with a set of cybersecurity standards.
November 2020: A Presidential interim rule became effective, establishing a five-year phase-in period and requiring compliance with NIST 800-71 rules.
March 2021: The DoD announced an internal review of CMMC’s implementation.
November 2021: The DoD announced CMMC 2.0, and updated program and requirements designed to meet certain goals, including:
- Protecting sensitive information to enable and protect the warfighter.
- Dynamically enhance DIB cybersecurity to meet evolving threats.
- Ensuring accountability while minimizing barriers to compliance with DoD requirements.
- Contributing to a collaborative culture of cybersecurity and cyber resilience.
- Maintaining public trust through high professional and ethical standards.
The anticipated launch of CMMC 3.0 has brought new changes and requirements for compliance that are vital for business owners to understand.
The CMMC (Cybersecurity Maturity Model Certification) 3.0 is a long-awaited update to the original CMMC 1.0, which was developed by the Department of Defense (DoD). This update is designed to increase cybersecurity standards across government contractors and subcontractors in order to protect sensitive government data from potential cyberthreats.
In this article, we’ll cover what changes are anticipated with CMMC 3.0 and provide an outlined CMMC compliance checklist for businesses to use as guidance when preparing for their certification audit. We’ll also talk about how an IT provider like Braxton-Grant Technologies can help.
Here’s everything you need to know: