Navigating Risky Waters Of DOD Cybersecurity Certification

February 11, 2020 - Less than a minute read

Law360 (February 6, 2020, 5:13 PM EST) — On Jan. 30, the U. S. Department of Defense released version 1. 0 of the Cybersecurity Maturity Model Certification, or CMMC, framework, which will require DOD contractors and subcontractors to obtain third-party certification of their cybersecurity maturity. [1]This highly anticipated 390-page release supersedes the prior draft versions, the last of which was released in December 2019. >The DOD will begin requiring contractors to obtain certification under the CMMC later this year, giving companies in the supply chain little time to assess their obligations, identify and remediate cybersecurity weaknesses that might preclude their desired certification, retain an appropriate certification vendor, and obtain the certification. . . .