Cybersecurity Maturity Model Certification (CMMC) Archives

Matthew Picerno (center) and Tony Plater (right) speak on a panel at the Google Defense Forum, moderated by Google’s Elizabeth Moon. (DefenseScoop)

With CMMC looming, military services explore ways to extend secure environments to small businesses

The military services increasingly see small businesses as extensions of their enterprises and are looking at ways to support their security.

Jan 26, 2024 By Billy Mitchell

River entrance of the U.S. Department of Defense. (Getty Images)

Pentagon releases proposed rule on cybersecurity standards for contractors

The DOD released the proposed rule for the highly anticipated CMMC program.

Dec 22, 2023 By Mark Pomerleau

CMMC final rulemaking process kicks off with submission to OMB for review

The submission solidifies the fact that DOD has come to a consensus on a final rule and that CMMC is coming in the not-so-distant future.

Jul 25, 2023 By Billy Mitchell

Pentagon, Department of Defense, DOD, federal IT, cybersecurity, Washington, D.C. — The Air Force Memorial and the Pentagon in Arlington, Virginia. (REUTERS / Joshua Roberts)

Pentagon looks to expand voluntary cyber information-sharing with contractors

Roughly 12,000 contractors are eligible to participate today. With the new rule, that number would expand to 80,000.

May 16, 2023 By Billy Mitchell

DOD working with federal CISO Council on CMMC-like standards for civilian agencies

The DOD is working with civilian agencies on a new FAR rule that would apply new requirements for vendors that handle controlled unclassified information.

Apr 5, 2023 By Billy Mitchell

A logo sits illuminated at the Microsoft booth on day 2 of the GSMA Mobile World Congress at Fira Barcelona on February 28, 2023 in Barcelona, Spain. (Photo by Xavi Torrent/Getty Images)

Microsoft completes voluntary CMMC assessment, a win for smaller contractors using its services

DIB contractors that use Microsoft cloud services may only need to meet a small portion of CMMC's 110 controls after the cloud provider passed its voluntary assessment.

Mar 7, 2023 By Billy Mitchell

John Sherman, Department of Defense Chief Information Officer, participates in a virtual panel, April 15, 2021. (DoD photo by Chad J. McNeeley)

DOD addressing ‘obstacle course’ of impediments holding back work with cybersecurity startups

John Sherman and others in the Pentagon are working to eradicate roadblocks keeping cybersecurity startups and other companies from scaling business with the Department of Defense.

Nov 10, 2022 By Billy Mitchell

DOD planning to use NIST 800-171 as evaluation criteria for contracts prior to CMMC rule

The NIST standards have been part of federal law for contractors for several years, but until now, contracting officers have been "lackadaisical" about enforcing them, said the…

Sep 21, 2022 By Billy Mitchell

Dave McKeown delivers a keynote at DefenseScoop’s DefenseTalks conference. (DefenseScoop)

DOD looking to cloud vendors to accelerate zero trust and CMMC adoption

DOD will look to cloud vendors to support two of its premier cybersecurity initiatives, CISO Dave McKeown said.

Sep 16, 2022 By Billy Mitchell

Matthew Travis speaks at the IT Modernization Summit produced by FedScoop in March 2020. (Scoop News Group.)

Cyber AB launches voluntary CMMC assessment program for defense contractors

The accreditation body also issued a draft document detailing the assessment process that third-party assessment organizations will need to follow once the final CMMC rule takes effect.

Jul 27, 2022 By Billy Mitchell