The Cybersecurity Maturity Model Certification process measures a DoD contractor’s ability to protect Federal Contract Information and Controlled Unclassified Information, and contractors and their subcontractors will need to pass a CMMC audit conducted by an independent third party before bidding on new contracts. It requires DoD contractors to obtain a rating, from Level 1 through Level 5, measuring cybersecurity maturity across 17 domain areas. The level required of a contractor won’t necessarily apply to a subcontractor on the same contract, but will instead depend on their role and the information it needs from the prime contractor.
Cybersecurity, Privacy, & AI
Trending Now
Top House Cyber Lawmaker Plans to Introduce DHS Overhaul Bill by Next Year • Executive Orders Seek to Hasten Quantum Computing—and Guard Against Its Use • In a First, a Court Takedown Goes After Two Cybercrime Tools at Once • NIST Opens Updated IoT Security Guidance to Public Review • Five Eyes Agencies Urge Leaders to Strengthen Cyber Resilience in AI Era
Why Defense Contractors Should Fear Falling Behind with New Cyber Standards
Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.