In a major effort to strengthen the cybersecurity posture of the hundred of thousands of Defense Industrial Base (DIB) subcontractors, the Department of Defense today released final Model Version 1.0 of the Cybersecurity Maturity Model Certification (CMMC) framework. This version replaces previously released versions 0.4, 0.6, and 0.7, which have been made available to the… Read more »
defense contractors
Getting Ready for CMMC | Recommended Resources and Links
The Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) program will be a new contractual requirement for all DoD contractors. It will impact the 300,000 firms that make up the defense industrial base. It will not be a self-attestation model, but rather a third-party certification and compliance model. In 2020, the DoD plans to finalize… Read more »
Cybersecurity Maturity Model Certification (CMMC) Version 0.7 Arrives!
The Cybersecurity Maturity Model Certification (CMMC) Draft Version 0.7 is live and available here. Version 0.7 includes Level 4-5 practices and modifies some maturity processes and Level 1-3 practices. This draft is another step closer to the final version — CMMC 1.0. The CMMC will be a new contractual requirement for all DoD contractors. … Read more »
Navy Gets Tough on DFARS Cybersecurity Compliance with Updated Acquisition Regulations
Last year we told you about a 2018 Navy memo, known as the Geurts Memo, which required defense contractors to implement certain controls for NIST SP 800-171, some of them going beyond 171 requirements. If you didn’t see our write-up, it can be found here: “Still Lagging on DFARS? The Navy Has A Memo For… Read more »