“IGNITING INNOVATION GALVANIZING STRATEGIES”
Organization that works with Department of Defense (DoD) known as Defense Industrial Base (DIB) are now well aware of the cybersecurity mandates that have been sweeping across the defense industry over the past several years. In 2015, The U.S. Department of Defense published the Defense Acquisition Federal Regulation Supplement, known as DFARS, which mandates that private DoD Contractors adopt cybersecurity standards according to the NIST SP 800-171 cybersecurity framework. This is all part of a government-led effort to protect the U.S. defense supply chain from foreign and domestic cyber threats and reduce the overall security risk of the sector.
On January 31, 2020, the Department of Defense (DoD) released the Cybersecurity Maturity Model Certification (CMMC). This new framework is to ensure their contractors and suppliers have appropriate cybersecurity frameworks in place to protect data such as Controlled Unclassified Information (CUI), Federal Contact Information (FCI), and other information. The DoD is rolling out the new framework “to assess and enhance the cybersecurity posture of the Defense Industrial Base (DIB).”
The Cybersecurity Maturity Model Certification (CMMC) is a framework designed by the Department of Defense (DoD) to help protect controlled unclassified information within its supply chain. Developed by the DoD, federal stakeholders, and industry professionals, the CMMC provides the Defense Industrial Base sector with a clear set of cybersecurity standards and best practices to follow. Many DoD contractors will have to complete the CMMC prior to bidding on work in the coming months. Understanding the current state of your cybersecurity program and how it measures up against the CMMC framework is the critical first step in this process.