The Department of Defense (DoD) has officially released the Final CMMC Rule, signaling a major step forward in securing the defense supply chain. The Cybersecurity Maturity Model Certification (CMMC) aims to ensure that contractors handling Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) adopt stringent cybersecurity practices to protect sensitive data from evolving cyber […]
CMMC Rule is Final! The DoD released its final rule for CMMC today. We’ll be providing a detailed analysis here over the coming weeks, with a focus on how the rule affects small and midsized government contractors. You can find the full copy here: 2024-22905.pdf (federalregister.gov). Defense Scoop has some good coverage as well: DOD […]
The latest Cyber AB Town Hall centered on key developments in the ongoing CMMC program, providing valuable updates for organizations working toward compliance. With the CMMC Final Rule nearing publication, several important milestones and updates were highlighted. Below is a recap of the major takeaways from this month’s session. TL:DR – Key Takeaways from the […]
The August 2024 Cyber AB Town Hall was an informative session packed with updates for those in the cybersecurity space, particularly organizations within the Defense Industrial Base (DIB) navigating the complexities of the Cybersecurity Maturity Model Certification (CMMC). The event provided a roadmap of upcoming regulatory changes and valuable insights into the CMMC ecosystem’s ongoing […]
If you are a contractor or subcontractor working with the Department of Defense (DoD), you’ve probably heard of the Cybersecurity Maturity Model Certification (CMMC). The CMMC initiative aims to enhance the cybersecurity posture of the Defense Industrial Base (DIB) by requiring all contractors to meet certain standards and practices based on the type and sensitivity […]
For the last few years, CMMC, the Cybersecurity Maturity Model Certification, has been a huge topic of discussion among the U.S. Government and the Defense Industrial Base (DIB). What started as an Executive Order over a decade ago to protect CUI has had a slow, incremental rollout, and revisions. Now, with CMMC 2.0, defense contractors […]
On November 4, the Defense Department announced significant changes to its Cybersecurity Maturity Model Certification (CMMC) program with plans to eliminate third-party certifications for the lowest level of assessment, add a method for resolving assessment issues, and initiate new rulemaking efforts, among other changes. CMMC 2.0 maintains the program’s original goal of protecting sensitive information […]
The first CMMC Third Party Assessor Organization (C3PAO) was announced and listed on the CMMC Marketplace earlier this month. There are at least 156 known organizations aspiring for C3PAO status to pass the full Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) assessment at CMMC Level 3. Ardalyst is one of those companies. The announcement of […]
The Cybersecurity Maturity Model Certification (CMMC) Accreditation Body held a Town Hall Apr. 27 to present updates on the progress of the CMMC roll-out and some insight into the Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) assessments. The CMMC-AB’s recently appointed CEO Matt Travis kicked off the virtual event. Travis talked about importance of the […]
John A. Ellis, Director of the Defense Contract Management Agency (DCMA) Software Division presided over a webinar with Ardalyst Mar. 3rd to assist the company’s efforts to help defense contractors understand the new Defense Acquisition Regulations System (DFARS) interim rule, requirements, and assessment methodology. With the new DFARS interim rule, defense contractors are facing increased scrutiny […]