The CMMC 2.0 initiative aims to protect sensitive data across the defense industrial base. With the final CMMC 2.0 now in effect, the clock is ticking for defense and government contractors to comply.

CMMC 2.0 is here – are you ready? The Department of Defense has at least 300,000 contractors, with multiple potential cybersecurity breach points endangering every single one.

CMMC 2.0, the recently updated DoD program to ensure contractors protect sensitive government data, aims to simplify the compliance processes of the program’s original version.However, I believe the ...

WHAT: The U.S. Department of Defense (DOD) has issued a proposed rule setting forth key requirements for its long-anticipated Cybersecurity Maturity Model Certification (CMMC) 2.0 program. The ...

While CMMC has been in the works for years, “we’re seeing a lot more inquiries now” in the wake of the finalization of the program rule in December, Pufahl said.

Part of CMMC is supply chain risk management. Companies that serve the government are being asked to guarantee that their suppliers, vendors and service providers also meet cybersecurity standards.

So CMMC is really just the auditing of what defense contractors have long been required to do. It’s been a long time in the making — four to five years depending on when you start counting.

The Arrival of CMMC 2.0. In October 2024, the DoD published a new update to its Cybersecurity Maturity Model Certification (a.k.a. the CMMC 2.0) enforcing new cybersecurity standards on universities ...

CMMC Level 3: The third level builds upon Level 2 by requiring full implementation of NIST SP 800-171 Rev 2 controls plus additional practices derived from NIST SP 800-172.

CMMC Level 3 nonrecurring engineering costs for implementation and maintenance of the new NIST SP 800-172 requirements: $21,100,000 for other-than-small entities ($2,700,000 for small entities) ...

The Cybersecurity Maturity Model Certification is a framework developed by the United States Department of Defense. CMMC is designed to enhance contractor and vendor cybersecurity practices and ...