Defense Releases Final Cybersecurity Standards

The Pentagon finally issued the anticipated new cyber-security standards -- Cybersecurity Maturity Model Certification (CMMC) this past week.
The new standards, released as Version 1.0 of the CMMC are the first step towards implementing cybersecurity standards into all Defense Department contracts.  
The CMMC model, consists of five levels of security standards, which will be phased into requests for information starting later this year. Most current contractors that work with unclassified information will need to meet only level one of the framework -- the least secure on the scale. 
From there, the more sensitive the information contractors handle, the higher the level of certification they will need to receive under CMMC, up to level five. All levels will be certified by independent assessors who will conduct in-person checks. 
The model was born out of a realization that "checklist" security and self-assessment, the current standard set out by National Institute of Standards and Technology rule 800, was failing. Hacks of defense contractors have leaked national security secrets up and down the supply chain. Contractor cybersecurity was seen as a weak link by adversaries and routinely exploited. 
The official release of the CMMC standards means contractors will now need to pay a CMMC-certified assessor to physically inspect their operations to ensure they comply with one of the five levels. The CMMC assessors that will physically inspect contractors will be trained and overseen by a nonprofit board comprised of industry and academic partners. 
As CMMC begins appearing in RFIs and actual solicitations, if a contractor doesn't meet the contract's requisite level under the framework, they won't be able to bid for the work.

« Back to News

News & Tips
Government contractor news & industry tips from a source you can trust. Sign up for our weekly updates to stay informed and get involved. Easily unsubscribe at any time.

Our Insider's Guide Series was developed as an easy-to-understand series of guides to assist you through the government procurement process.

National Association of Government Contractors
1250 Connecticut Ave NW
Suite 700
Washington, DC 20036
Phone: 202-465-3750
Toll Free: 1.800.979.NAGC
LinkedIn Facebook Twitter

FedEx Shipping Discount
Office Depot Member Program
Dell Small Business
Avis Car Rental
GEICO Insurance

Privacy Policy | Subscriber Agreement & Terms of Use | Purchase Policy | Data & Cookies
Copyright © 2004 - 2021 National Association of Government Contractors.   All Rights Reserved. Geotrust RapidSSL