The Latest on DoD’s Cyber Standards for Contractors

Based on the latest reports from law enforcement agencies, the COVID-19 pandemic has resulted in significant escalations of cyber-related incidents. These incidents are driven by an increase in teleworking arrangements and higher user stress and anxiety levels.

Given the growing need to ensure our national readiness through more secure and reliable IT systems within the Department of Defense (DoD) supply chain, the Cyber Security Maturity Model Certification (CMMC) governing board has been plowing forward in their efforts to flesh out more details related to the newly adopted cyber standards.

DoD’s goal is to ensure all 350,000 plus contractors within its supply chain are adhering to a specific level of cyber readiness through an independent assessment organization by 2025. Certifications fall into a number of distinct categories, ranging from level one (least secure) to level five (most secure):

  • Level one: An organization that complies with basic cyber guidelines.
  • Level two: Serves as a transitional phase, and requires an organization to have the proper policies and documentation in place for CMMC compliance.
  • Level three: An organization that protects CUI (Controlled Unclassified Information) data and has met several additional security requirements.
  • Levels four and five: Achieved when highly advanced cyber guidelines are in place.

There are discussions within other governmental agencies (at Federal and state levels) to adopt the emerging CMMC standards as part of their contracting requirements to ensure a more uniform approach and an increased level of national cyber resiliency.

Contact us to arrange for a complimentary CMMC Readiness Executive Briefing and consultation session to learn about the latest developments and address your questions on the topic.

Our CMMC Readiness Executive Briefing provides an executive overview of DoD and Governmental Contracting cyber security and information privacy best practices, including DFARS/CMMC emerging standards and effective implementation and compliance approaches. Our goal is to learn your needs so that we can recommend an effective compliance readiness roadmap suitable for your organization.

***

Information contained in this alert should not be construed as the rendering of specific accounting, tax, or other advice. Material may become outdated and anyone using this should research and update to ensure accuracy. In no event will the publisher be liable for any damages, direct, indirect, or consequential, claimed to result from use of the material contained in this alert. Readers are encouraged to consult with their advisors before making any decisions.