Cybersecurity Maturity Model Certification (CMMC)

What is CMMC?

The Cybersecurity Maturity Model Certification is a new unified standard for implementing cybersecurity across the defense industrial base (DIB).  The CMMC is the Department of Defense’s (DoD) response to significant compromises of sensitive data located within their supply chain, which consists of over 300,000 companies.

There are 5 different maturity levels of the Cyber Security Maturity Model, ranging from the minimum level of security with 17 requirements, and the highest level of maturity with over 170 requirements. An organization will be eligible for various contracts based on its maturity level.

For example, most contracts that don’t have Controlled Unclassified Information will most likely only need a level 1 maturity certification. The higher the level of compliance with CMMC, the more contracts an organization is eligible to bid and win. Although proof of compliance with CMMC is not needed at the time of the bid, it will be needed to formally accept the contract.