top of page
business-people-with-digital-tablet-blueprint.jpg

CMMC 2.0 Compliance Guide: Navigating New DoD Requirements

CMMC Compliance 2024_Page_01.jpg

Download the White Paper

Securance has more than two decades of experience helping organizations combat evolved cyber threats, build effective risk management programs, align with compliance standards, and increase operational efficiency. Our comprehensive approach integrates proven methodologies, dependable expertise, and each customer’s unique requirements to maximize the benefits and long term value of each assessment.

INTRODUCTION

To help the Department of Defense (DoD) protect controlled unclassified information (CUI) within its supply chain, about 300,000 defense suppliers that are part of the Defense Industrial Base (DIB) must now comply with rigorous
cybersecurity standards before being eligible to win DoD contracts. Subcontractors will also be expected tocomply with the appropriate cybersecurity maturity level. To meet this challenge, in 2020, the federal government announced Cybersecurity Maturity Model Certification (CMMC) 1.0, a framework for protecting data handled by defense contractors from cyber attacks.

CMMC guidelines have evolved, and in response to almost 1,000 public comments, in late 2021, the DoD decided to make compliance easier and less costly by introducing CMMC 2.0, which significantly streamlined the requirements of
CMMC 1.0. The CMMC 2.0 Final Rule was published on October 15, 2024, and is set to become effective on December 16, 2024. Defense contractors are expected to begin entering contracts under CMMC 2.0 requirements by mid-2025.

CMMC 2.0 should alleviate many of the compliance hurdles contractors face, but implementation issues persist.

bottom of page