What DoD Contractors Can Expect for CMMC in 2022

The Department of Defense (DoD) has been working on cybersecurity for a while now. In the beginning, it was an issue no one really paid attention to and it continued on like that even after some understanding finally kicked in.

DoD is starting to get serious about cybersecurity, and it shows. Besides allocating more money towards defense contractors’ security efforts, there are also two initiatives worth mentioning: the Cybersecurity Maturity Model Certification Program and Binding Operational Requirements for Trusted Systems.

Cybersecurity Maturity Model Certification Program

Contractors have to go through this certification program if they want to win Department of Defense contracts. The initiative consists of four levels that need to be achieved before you can call yourself a part of the Department of Defense’s elite circle. The program is run by the DoD Chief Information Office Cybersecurity Directorate. It has a pretty simple goal: to standardize Department of Defense cybersecurity certification and ensure that contractors actually have some level of cybersecurity knowledge in place.

Binding Operational Requirements for Trusted Systems

As the name suggests, this initiative focuses on trusted systems only. Department of Defense contractors won’t be able to win contracts without going through it first. It allows for drastic changes when it comes to requirements regarding security features the Department must have in place before allowing a contractor to bid on its projects. If you want the Department’s money, you’ll need to meet these requirements if you expect any kind of preferential treatment from them. They’ll still be DoD contractors, but this will give them a slight edge over their non-certified counterparts.

After the Department of Defense manages to implement Cybersecurity Maturity Model Certification and Binding Operational Requirements for Trusted Systems, there won’t really be much left to talk about. DoD is pretty much open for business as far as Department contractors go (and they’re not gonna stop; the Department’s cybersecurity budget will only keep growing). 

That means that Department of Defense contractors should expect some major competition because everyone wants DoD contracts right now. But, considering how things shake out in 2022, none of these companies would probably even put up a fight if they got the chance to win one; cybersecurity budgets are growing so fast that Department of Defense contractors should be more than happy to get any DoD contract they can get.