Understanding the potential impact that CMMC will have outside of the DIB
For the Defense Industrial Base (DIB), the Department of Defense (DoD) Cybersecurity Maturity Model Certification (CMMC) compliance requirement is the hot news topic of 2021. In fact, across the DIB market, CMMC compliance will probably stay a focus through at least 2025.
However, for the long term, many organizations are looking to understand the potential impact that CMMC will have outside the DIB. On January 21, the DoD’s CISO subtly announced that her agency is working with the Department of Homeland Security (DHS) to implement CMMC in their contracts. In other words, companies that contract with other agencies are starting to ask, “How do I get compliant efficiently and cost-effectively?” The answer should include looking to NIST 800-170, hardening their systems, and automating STIG compliance.
Why are agencies jumping on Cybersecurity Maturity Model Certification?
The short story is that CMMC offers the first federal compliance requirement that looks to create clear cybersecurity standards.
The real story is a little longer…..