Is Your Supply Chain Ready for Cyber Inspections?
December 11, 2019
DOD’s New CMMC Security Requirements for Government Contractors Includes Mandatory Certification Audits
The new Cybersecurity Maturity Model Certification (CMMC) expands the current self-customized NIST- based cyber security approach under the DFARS to add third-party verification and certifications. This new standard applies to all prime contractors and subcontractors as well as direct and indirect suppliers. The CMMC rates your maturity levels between 1-5 for both technical practices and actual processes across 17 domains. It specifies new asset management, situational awareness and recovery obligations along with minimum security for contracts, full time security operation centers, incident response teams and inter-domain encryption. Once finalized, failure to implement these requirements may lead to bid protests, suspension, disbarment or false claims violations for non-compliance.