CMMC Compliance

The United States Department of Defense (DoD) created the Cybersecurity Maturity Model Certification (CMMC) for contractors to reduce the theft of intellectual property. The CMMC gives the DoD a mechanism to certify the cyber readiness of defense contractors. The new CMMC provides for five levels of certification in both cybersecurity practices and processes. Contractors choose their maturity certification level based on the requirements of the projects they are or will be involved with. Failure to adhere to these new requirements will result in loss of contracts with the DoD. The CMMC is based on NIST and ISO standards, however, unlike self-attestation for NIST compliance, the CMMC requires a third party assessment for certification. Passing a CMMC assessment requires preparation.