Security is something that all businesses need to be concerned about today. There are many different regulations and guidelines that are in place to help businesses to operate in a safe and secure manner. The CMMC is one of these.
Otherwise known as the Cybersecurity Maturity Model Certification, the CMMC was created by the US Department of Defense. It was announced in 2020 and is still in the process of being fully implemented, but it provides both basic and advanced security guidelines for DoD contractors, as well as subcontractors and suppliers working with them.
A Look Back at CMMC in 2020
The creation of CMMC was announced just over a year ago, on January 31, 2020. Looking back at the changes that have been made since then, some major milestones include:
- The creation of the CMMC-Accreditation Body (CMMC-AB)
- Updated information on the CMMC implementation process throughout the year
- The creation and implementation of the recent DFARS Interim Rule, which now requires contractors to complete and submit a standardized, scored assessment
CMMC in 2021: What to Expect
Looking at what we can anticipate in terms of CMMC implementation and changes in 2021, members of the CMMC stated that they expect a busy year ahead.
- Assessments completed by C3PAOs and RPOs have already begun to be submitted to receive a score
- Throughout Quarter 1, training will be provided for organizations to become certified as assessors.
- Organizations will likely be able to certify for levels 1 through 3 as early as March and April, with certifications up to level 5 continuing afterward.
- In Quarter 2, there are anticipated to be more rule changes implemented, although no further information has been provided about these changes yet.
- Throughout the spring and summer, certifications and assessments are expected to scale to meet demand as more assessors become certified and available to assist organizations.
Importance of CMMC
The importance of CMMC cannot be ignored. Its aim is not about trying to patch more holes in the dam; it is about fundamentally enhancing the approach that DIB has to cybersecurity procedures and practices so that the entire foundation can be strengthened. Networking solutions and security solutions need to work together as a team, and this is something we can expect to see more of throughout 2021.
To conclude, there is no denying that we all need to be doing more to be more cyber safe, and the CMMC is a great representation of this. Whether or not you are going to be going for a governmental contract, the advice and framework that the CMMC has established are certainly worth following to make sure that your company is protected. Hiring an experienced and reputable cybersecurity company is the best way to ensure that you have the right security measures in place to protect your company and your contacts.