Cybersecurity Maturity Model Certification (CMMC)
The Cybersecurity Maturity Model Certification (CMMC) accreditation framework impacts the U.S. Department of Defense (DoD) contractors, supply chain, solution providers, and systems integrators.
What is the Cybersecurity Maturity Model Certification (CMMC)?
According to the Office of the Under Secretary of Defense for Acquisition & Sustainment, the Cybersecurity Maturity Model Certification (CMMC) framework contains five maturity processes and 171 cybersecurity best practices progressing across five maturity levels. The CMMC maturity processes institutionalize cybersecurity activities to ensure they are consistent, repeatable, and of high-quality. The CMMC practices provide a range of mitigation across the levels, starting with basic safeguarding at level 1, moving to the broad protection of Controlled Unclassified Information (CUI) at level 3, and culminating with reducing the risk from Advanced Persistent Threats (APTs) at levels 4 and 5. The CMMC framework is coupled with a certification program to verify the implementation of processes and practices. Learn more here: https://www.acq.osd.mil/cmmc/docs/CMMC_Model_Main_20200203.pdf
Global cyber-attacks on the US Department of Defense (DoD) supply chain from foreign adversaries, industry competitors, and international criminals are at the forefront of US national security concerns. Countries like China, Russia, and North Korea exfiltrate over $600 billion in the US (1% global GDP), according to Ellen Lord, Undersecretary of Defense for Acquisition and Sustainment. Even today, these bad actors are using the COVID-19 pandemic as cover for their nefarious actions while organizations are distracted as they extend their business operations from physical offices to individuals’ homes. Learn more here: https://securityboulevard.com/2020/07/what-is-the-cybersecurity-maturity-model-certification-cmmc/