The Cybersecurity Maturity Model Certification (CMMC) is a unified standard for implementing cybersecurity across the defense industrial base (DIB), which includes over 300,000 companies in the supply chain. The CMMC brings together a number of previous compliance processes into one unified framework including NIST SP 800-171 and other government regulations.
Cybersecurity preparedness is becoming increasingly critical with ongoing threats to the nation’s economic and national security from foreign actors, and as a result, the DoD considers the CMMC program a vital part of the government’s response to these threats.
In November 2021, the DoD announced CMMC 2.0, an updated program that will streamline the current CMMC model from 5 to 3 compliance levels, use NIST cybersecurity standards, and allow demonstration of compliance through self-assessments for companies at Level 1 and a subset of Level 2.