New requirements mean contractors will have to pay to play. What does this mean for small businesses in the defense industry?
The cybersecurity posture of the Defense Industrial Base (DIB) supply chain is only as strong as its weakest contractor. When considering the DIB supply chain includes 300,000 contractors with sensitive government data, and around 290,000 of them are not subject to strict cybersecurity requirements or oversight, something needs to change.
Leading that change is the Office of the Under Secretary of Defense for Acquisition and Sustainment - OUSD(A&S) - which has developed the Cybersecurity Maturity Model Certification (CMMC), an agile set of unified cybersecurity standards to ensure the security of government data on DIB networks.
Illustration: CMMC Seal
CMMC will enable the government to verify contractors have adequate security protocols in place to protect non-public Federal Contract Information and more sensitive Controlled Unclassified Information.
How CMMC Aims to Unify Cybersecurity
The most recent draft version of