The Cybersecurity Maturity Model Certification (CMMC)
Expert Domains > Consulting > The Cybersecurity Maturity Model Certification (CMMC)
The Cybersecurity Maturity Model Certification (CMMC) that has been initiated by the DoD for contractors that lays a framework to implement cybersecurity policies and practices and to ensure the appropriate levels of cybersecurity are in place. The DoD assesses the turnout of CMMC standards will influence 300,000 organizations, hence any organization in the defense contract supply chain will have to be CMMC certified. This would include the following categories:
-
-
- Critical Infrastructure
- Defense
- Export Control
- Financial
- Immigration
- Intelligence
- International Agreements
- Law Enforcement
- Legal
-
-
- Natural and Cultural Resources
- NATO
- Nuclear
- Privacy
- Procurement and Acquisition
- Proprietary Business Information
- Provisional
- Statistical
- Tax
The CMMC enforcement timelines (as of October 2020) are:
- Mid 2020: 3rd party auditors begin applying for accreditation
- Late 2020: Several (less than 20) DoD contracts are chosen to be the first ones that will require CMMC certification
- Late 2020: Bidders to trial DoD contracts start getting audited
- November 30 2020: DFARS is modified to require submission of cybersecurity self-assessment for contract award. CMMC officially phased-in over five years.
- Between 2021 and 2025: New Requests for Proposals (RFPs) gradually begin requiring CMMC certification. This means that most DoD contractors won’t be directly affected by CMMC for a few years.
The basic purpose of acquiring CMMC is to protect CUI and ensure all defense contractors have basic cyber hygiene measures in place. The benefits of becoming CMMC certified include:
- Compete for DOD contracts
- Unify cybersecurity management systems
- Respond to cyberthreats more quickly
- Leverage cybersecurity as a competitive advantage
- Protect trade secrets/sensitive data
- Protect brand reputation
- Meet cybersecurity insurance requirements
In the near future, you will be needing the CMMC Certification to be awarded DoD contracts. At Catalyic, we are a full-service CMMC consulting and preparation company focused on all types of businesses.
As compliance and consultancy providers across many industries, Catalyic offers a thorough support to not only help you gain the CMMC certification but also meet the CMMC self-assessment deadlines.
We will be analyzing your organization’s current cybersecurity hygiene, identify the loopholes and optimize the policies to let your organization achieve the highest certification level.