The Defense Department has issued the long-awaited cybersecurity standards that all must meet.
"On Jan 31, the Pentagon released the official version 1.0 Cybersecurity Maturity Model Certification. It requires any company that does business with the Department of Defense, primes as well as subcontractors, to meet to meet "at least a basic level of cybersecurity standards" when they respond to requests for proposals.
CMMC is informed by the National Institute of Standards and Technology's guidance on protecting controlled unclassified information (CUI) in non-federal systems and on security and privacy controls for federal systems. It outlines five levels of certification addressing both cybersecurity practices and processes..."
Read More ...