What is the CMMC?
CMMC (Cybersecurity Maturity Model Certification) is a standard for cybersecurity requirements that all Department of Defense contractors must implement as a part of their business processes. This implementation of CMMC will also have to be validated by a certified CMMC assessor before the company can receive a contract with the DoD.
How does CMMC affect my organization?
The Department of Defense has begun migrating from a self-certification model, which allowed suppliers to self-declare their own IT security maturity, to the new CMMC framework to assess and enhance the cybersecurity posture of the Defense Industrial Base sector. There are no exceptions or waivers, the CMMC will be mandatory for all DoD contractors.