The U.S. Department of Defense (DoD) on October 15th, 2024 published its long-anticipating first part of the final rule (the Final Rule) for the Cybersecurity Maturity Model Ceritficat (CMMC) program.
The program will require third-party verification for contractors working with controlled unclassified information (CUI) confirming that contractors are meeting existing DoD cybersecurity standards and a self-assessment by contractors that have Federal Contract Information (FCI) showing that they are in compliance with the 15 controls in Federal Acquisition Regulation (FAR) 52.204-21.
What does this? For Contractors? How should this change this practices and documentation procedures?
To help answer this, we have D.o.D. expert, Michael Andrewes w/ his opinion and perspective on this ruling.
To learn more about YouAttest and how we can help secure your identities, contact us at info@youattest.com
