In January 2020, to combat the rise in cybersecurity incidences, the United States Department of Defense (DoD) issued initial guidelines for Cybersecurity Maturity Model Certification (CMMC).” It is a series of processes and practices that serve as a cybersecurity framework for those in the Defense Industrial Base (DIB).
Although the CMMC framework builds upon NIST SP 800-171, the CMMC framework has additional requirements and cannot be achieved through self certification (must be certified by a C3PAO). The deadline for compliance is approaching and the implication and cost associated with non-compliance is real.
