The Cybersecurity Maturity Model Certification process measures a DoD contractor’s ability to protect Federal Contract Information and Controlled Unclassified Information, and contractors and their subcontractors will need to pass a CMMC audit conducted by an independent third party before bidding on new contracts. It requires DoD contractors to obtain a rating, from Level 1 through Level 5, measuring cybersecurity maturity across 17 domain areas. The level required of a contractor won’t necessarily apply to a subcontractor on the same contract, but will instead depend on their role and the information it needs from the prime contractor.
Cybersecurity, Privacy, & AI
Trending Now
Your AI Agent Could Become Your Biggest Insider Threat • The New Cyber Deterrent Isn’t a Weapon. It’s Cyber Recovery. • Commerce OIG Calls for Changes to NIST Vulnerability Database Management • Pentagon Looks to AI, Other Tech to Help Tackle Contested Logistics Challenges • How Defensive Cyber Responds to Hockey-Stick Growth of AI-Driven Threats
Why Defense Contractors Should Fear Falling Behind with New Cyber Standards
Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.