CYBERSECURITY MATURITY MODEL CERTIFICATION REQUIREMENTS

What You Need

In response to recent executive orders and growing numbers of high-profile government data breaches, DOD released Cybersecurity Maturity Model Certification (CMMC) Version 1.0, a new framework designed to assess and enhance the cybersecurity posture of the Defense Industrial Base (DIB) and its suppliers. CMMC is an evolution of DFARS 252.204-7012/NIST SP 800-171 that now requires third-party certification.

DOD Contractors must also abide to DFARS legal clauses in addition to the cyber security requirements. The CMMC will be used as a unified framework for defense contractors to demonstrate cybersecurity program maturity and protection of CUI.