The Cybersecurity Maturity Model Certification regime from the Department of Defense is now a required threshold for defense contractors and contains five distinct levels of compliance. Compliance must be certified by a third party auditor — self-attestation isn’t enough — and there are five separate levels of compliance. Level III, the most common level that […]
Right now, the Department of Defense says that CMMC certifications will remain valid for three years. So, there will be a need for re-assessment and new certification at three year intervals. There is the possibility that this period for required renewals will change as DoD sees the system work in practice.
No. CMMC (Cybersecurity Maturity Model Certification) is solely a Department of Defense initiative. Many of the CMMC requirements will, of course, overlap with other non-Defense federal cybersecurity hygiene requirements. But the CMMC model and testing is a purely Defense oriented protocol.
The Department of Defense is planning a phased rollout of CMMC requirements over the next several years. As CMMC requirements are issued on a per-contract basis, the phased rollout is defined as a steady increase in yearly prime contracts requiring a CMMC certification for contractors. The number of contracts scheduled to have CMMC requirements in […]
CMMC (Cybersecurity Maturity Model Certification) compliance is causing many defense contractors to feel overwhelmed. The cybersecurity space is filled with jargon, the model presents different levels of security for different vendors and there appear to be a lot of specific requirements. The first step is simply to figure out where you currently stand. And the […]
CMMC certification is a tiered system, with five levels of certification for contractors that are dependent on the CUI (Controlled Unclassified Information) and security considerations of various DOD projects that contractors will be working on. The question then arises from some contractors — if we don’t handle any CUI, is CMMC certification still necessary? The […]