Authentic8 Blog Author: Abel Vandegrift

As Director of Government Strategy at Authentic8, Abel advises the federal business team on policy development and budget trends to identify growth opportunities and shape customer engagement.

DoD's Cybersecurity Maturity Model Certification: Are Smaller Companies Prepared?

New requirements mean contractors will have to pay to play. What does this mean for small businesses in the defense industry?

The cybersecurity posture of the Defense Industrial Base (DIB) supply chain is only as strong as its weakest contractor. When considering the DIB supply chain includes 300,000 contractors with sensitive government data, and around 290,000 of them are not subject to strict cybersecurity requirements or oversight, something needs to change.

Leading that change is the Office of the Under Secretary of Defense for Acquisition and Sustainment - OUSD(A&S) - which has developed the Cybersecurity Maturity Model Certification (CMMC), an agile set of unified cybersecurity standards to ensure the security of government data on DIB networks.

Illustration for Cybersecurity Maturity Model Certification blog post: CMMS Seal

Illustration: CMMC Seal

CMMC will enable the government to verify contractors have adequate security protocols in place to protect non-public Federal Contract Information and more sensitive Controlled Unclassified Information.

How CMMC Aims to Unify Cybersecurity  

The most recent draft version of