Cybersecurity Maturity Model Certification (CMMC) Best Practices Guide
Beginning in Fall 2020, defense contractors face the very real threat of losing business if they are non-compliant with the newly released Cybersecurity Maturity Model Certification (CMMC) standard.Under the current regulations — DFARS 252.204-7012 — contractors self-attest to having implemented security controls identified in NIST SP 800-171 that safeguard Controlled Unclassified Information (CUI). With CMMC, self-attestation is out, and contractors must be audited and certified before they can bid on RFPs. CUI may be contained in an ERP system, or any other system that stores financial, supply chain, or technical data.
Forward-thinking aerospace and defense contractors that obtain certification early will be eligible to bid on more contracts and avoid potential assessment backlogs.
Read this guide for a look at the CMMC’s impact on defense suppliers in all tiers, and get advice on how to turn CMMC into a competitive advantage.
Please complete the form below