By Heather Bennett
October 10, 2022
If you found this blog, chances are you just found out you are required to be CMMC certified. You don’t know what that means, did a web search, and now you’re here. Let me be the first to welcome you to the world of CMMC. It’s nice here, we have (virtual) cookies.
In this article, we are going to cover the who, what, when, and whys associated with CMMC. This will be a brief overview as most of these topics will be covered in depth in future articles. Now is not the time get educated on CMMC!
Who is who regarding CMMC?
“The Defense Industrial Base Sector is the worldwide industrial complex that enables research and development, as well as design, production, delivery, and maintenance of military weapons systems, subsystems, and components or parts, to meet U.S. military requirements.” (cisa.gov)
The DoD requires certification from all DIB contractors and subcontractors. The DoD has estimated that over 300,000 companies will be affected.
What is CMMC?
CMMC is a certification required by the US Department of Defense (DoD). It is a new certification model to ensure all contractors and subcontractors of the DOD properly protect sensitive information.
When will this happen?
The DoD began unveiling contracts with CMMC requirements in 2021. Each subsequent year will add more contractors. It is expected that CMMC will be a requirement on all contracts by October of 2026.
Why am I being required to be CMMC certified?
CMMC was developed to ensure the protection of Federal Contact Information (FCI) and Controlled Unclassified Information (CUI). FCI and CUI can contain sensitive information that could jeopardize the nation’s security if it fell into the wrong hands. An interesting article talking about just that can be viewed here.
The requirements to become CMMC Certified will vary on the extent of FCI and CUI a company handles. We will cover the CMMC Maturity Levels in the next article. Keep up to date with all things CMMC by subscribing to our weekly blog.
Are you ready for Provincia Government Solutions to help you? If so, reach out to our team and let’s talk. We can put you are on the path to success!
Until then, be safe and stay secure!
Provincia Government Solutions, LLC is a Nashville based HUBZone certified security and risk assurance firm with advanced expertise in government regulatory and compliance cybersecurity requirements including NIST, FISMA, CMMC, SCA, 800-171, TRICARE, MARS-E and ZTA (Zero Trust Architecture) solutions. Our client base includes government agencies, contractors, and commercial organizations affiliated with government entities. Whether you are seeking audit preparedness, compliance and assurance assessments, security consulting, or CMMC certification, we have the expertise to help. Contact us at (615) 807-2822 or at email@example.com to discuss your security needs today. Consultations are free of charge and we look forward to speaking with you!
Provincia Government Solutions is a Nashville TN based Authorized CMMC Third-Party Assessor Organization (C3PAO) and SBA Certified small business specializing in Cybersecurity Assurance Services for government agencies, contractors, and commercial organizations affiliated with government entities.