In recent years, the DoD has undertaken a series of bold cybersecurity initiatives, from embracing responsible vulnerability disclosure to the trailblazing Hack the Pentagon program. Now, the DoD has a new risk in its sights: defense contractors.

Not satisfied with the previous self-assessment model, the DoD has developed the Cybersecurity Maturity Model Certification (CMMC). In this article, we’ll cover the top 10 things your organization needs to know about CMMC.

1) CMMC Is The Most Comprehensive Compliance Framework Yet

After months of development, the CMMC has launched as one of the most stringent cybersecurity standards ever developed. With 171 controls spread across 17 categories, CMMC is undoubtedly more comprehensive than its predecessor, NIST 800-171, and arguably more thorough than any similar framework.

2) CMMC Is Heavily Based on Previous Frameworks

Unsurprisingly, the controls set out by NIST 800-171 form the bedrock of CMMC. NIST 800-171 was developed in …