The Cybersecurity Maturity Model Certification won’t require all subcontractors on a contract to meet the same level of requirements, depending on the type of information they will be handling. This means smaller companies won’t need to obtain the more-costly higher level CMMC certifications to be included on contracts that require the prime to meet that requirement. DoD will clarify in requests for information notices which parts of a contract will require different certification levels.
Cybersecurity, Privacy, & AI
Trending Now
FBI Takes Down Massive China-Based Cybercrime Network That Caused $1.9B in Losses • Agentic AI Is Coming to Government Faster Than Its Guardrails • Trump Releases National Security Systems Cybersecurity Policy • Industry and Academia Call on Administration to Free Anthropic’s AI Model • A Cyber Force With No Enlisted? Not So Fast, Some Experts Say
Primes, Subs Won’t Face the Same CMMC Security Requirements on All Contracts
Gorodenkoff | Shutterstock
Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.