It’s full steam ahead for the Department of Defense Cybersecurity Maturity Model. This new requirement will start showing up in DoD Requests for Information as of June, although actual certification is not required until contract award.
In preparing for it, hundreds of thousands of defense contractors must take a formalized and structured approach to their cybersecurity policies and procedures – and prove their efficacy to government-sanctioned auditors.
For many, especially smaller to mid-sized companies, it requires an effort beyond anything they’ve had to do before. Because compliance verification will be ongoing, it won’t be just a one-and-done activity.
Read the full article from Ishan Girdhar on CMMC at Washington Technology.
Learn more about Privva's CMMC Assessment Platform here.