Cybersecurity Maturity Model Certification (CMMC)
CMMC is a new cybersecurity compliance requirement with third-party verification, coming soon to U.S. Department of Defense (DoD) contracts. The entire Defense Industrial Base (DIB) is expected to be certified by Oct 1, 2025. This includes all federally funded research centers and contractors at all tiers, even those which are international.
This article first appeared in PECB Insights 30:18-23, February 2021.
More Field Notes
CMMC in 27 minutes – a video overview of the changes coming with CMMC and why.
Experience shows that focusing on Level 3+ results from the outset yields a much more powerful outcome while also making the project easier and less risky.
Leverage our lessons learned to make your project easier using the SecuriThink Data Classification Complexity Scale.
Actionable distinctions about CISO responsibilities and the skills to master them have been identified by executive recruiters. These distinctions go beyond staffing; they also describe behaviors that increase overall InfoSec maturity.
Rally C-suite ownership with a compelling business case for change
Managing across the enterprise for new security habits
Quick Start the project, cross-train client team, manage risk
23 Workstreams over 2 years deployed many technologies and policy changes in support of a “Defense In Depth” InfoSec strategy
Behavior change and more leverage from Security Education and Awareness (SEA)
Reduce technical support with appropriate employee engagement
Minimize business impact and technical support requirements
High-security computer-based test centers