The Department of Defense (DoD) released the latest draft version of the Cybersecurity Maturity Model Certification (CMMC) framework, , on November 7 for public review. This maturity model assesses and enhances the cybersecurity posture of the Defense Industrial Base (DIB) and is applicable to all companies conducting business with the DoD whether or not they handle controlled unclassified information (CUI).

The CMMC combines various cybersecurity control standards (e.g. NIST SP 800-171, NIST SP 800-53, ISO 27001, ISO 27032, AIA NAS9933 and others) into one unified standard for cybersecurity. Furthermore, the framework measures the maturity of a company’s institutionalization of cybersecurity practices and processes.

Intended to serve as a verification mechanism, the CMMC hopes to ensure that appropriate levels of cybersecurity practices and processes are in place to confirm basic cyber hygiene. Additionally, this framework mitigates the risks to national economic security and national security through protection of controlled unclassified information.

乐动体育南安普顿The final CMMC version, which NSF will certify to, is scheduled to be released in January 2020.

乐动体育南安普顿Looking for more information? Visit our dedicated and sign up to receive updates.