Beginning January 2020, the Department of Defense will roll out a new IT security protocol for all businesses it hires for contract work.
The department’s Cybersecurity Maturity Model Certification (CMMC) is designed to ensure that contractors on government projects have prescribed cybersecurity practices in place to protect controlled unclassified information. Applicable information includes data pertaining to critical infrastructure, nuclear, proprietary business information, procurement, and acquisition.
All defense contractors must pay for certification through a third-party provider of their choice. Beginning in June 2020, contractors will start seeing references to CMMC requirements in requests for proposals. Some higher-level assessments may be performed by DOD or other government agencies.
The DOD released the latest draft version of the CMMC for public review earlier this month. It includes five different certification levels.
Related Stories
| Aug 11, 2010
Best AEC Firms of 2011/12
Later this year, we will launch Best AEC Firms 2012. We’re looking for firms that create truly positive workplaces for their AEC professionals and support staff. Keep an eye on this page for entry information. +