Cybersecurity Maturity Model Certification (CMMC) Archives

An aerial view of the Pentagon, Washington, D.C., May 15, 2023. (DoD photo by U.S. Air Force Staff Sgt. John Wright)

DOD releases final rule for CMMC, setting the stage for implementation next year

The publication of the final rule moves to establish the CMMC 2.0 program in federal law.

Oct 11, 2024 By Mikayla Easley

DOD seal — (DoD photo by Lisa Ferdinando)

Pentagon a step closer to CMMC starting line with new contract rule proposal

The newly proposed rule would incorporate new cyber requirements into all contracts for vendors who want to do business with the U.S. military that involves controlled unclassified…

Aug 15, 2024 By Billy Mitchell

Matthew Picerno (center) and Tony Plater (right) speak on a panel at the Google Defense Forum, moderated by Google’s Elizabeth Moon. (DefenseScoop)

With CMMC looming, military services explore ways to extend secure environments to small businesses

The military services increasingly see small businesses as extensions of their enterprises and are looking at ways to support their security.

Jan 26, 2024 By Billy Mitchell

River entrance of the U.S. Department of Defense. (Getty Images)

Pentagon releases proposed rule on cybersecurity standards for contractors

The DOD released the proposed rule for the highly anticipated CMMC program.

Dec 22, 2023 By Mark Pomerleau

CMMC final rulemaking process kicks off with submission to OMB for review

The submission solidifies the fact that DOD has come to a consensus on a final rule and that CMMC is coming in the not-so-distant future.

Jul 25, 2023 By Billy Mitchell

Pentagon, Department of Defense, DOD, federal IT, cybersecurity, Washington, D.C. — The Air Force Memorial and the Pentagon in Arlington, Virginia. (REUTERS / Joshua Roberts)

Pentagon looks to expand voluntary cyber information-sharing with contractors

Roughly 12,000 contractors are eligible to participate today. With the new rule, that number would expand to 80,000.

May 16, 2023 By Billy Mitchell

DOD working with federal CISO Council on CMMC-like standards for civilian agencies

The DOD is working with civilian agencies on a new FAR rule that would apply new requirements for vendors that handle controlled unclassified information.

Apr 5, 2023 By Billy Mitchell

A logo sits illuminated at the Microsoft booth on day 2 of the GSMA Mobile World Congress at Fira Barcelona on February 28, 2023 in Barcelona, Spain. (Photo by Xavi Torrent/Getty Images)

Microsoft completes voluntary CMMC assessment, a win for smaller contractors using its services

DIB contractors that use Microsoft cloud services may only need to meet a small portion of CMMC's 110 controls after the cloud provider passed its voluntary assessment.

Mar 7, 2023 By Billy Mitchell

John Sherman, Department of Defense Chief Information Officer, participates in a virtual panel, April 15, 2021. (DoD photo by Chad J. McNeeley)

DOD addressing ‘obstacle course’ of impediments holding back work with cybersecurity startups

John Sherman and others in the Pentagon are working to eradicate roadblocks keeping cybersecurity startups and other companies from scaling business with the Department of Defense.

Nov 10, 2022 By Billy Mitchell

DOD planning to use NIST 800-171 as evaluation criteria for contracts prior to CMMC rule

The NIST standards have been part of federal law for contractors for several years, but until now, contracting officers have been "lackadaisical" about enforcing them, said the…

Sep 21, 2022 By Billy Mitchell