SHARED INTEL: The cybersecurity sea change coming with the implementation of ‘CMMC’

Finally, Uncle Sam is compelling companies to take cybersecurity seriously.

Related: How the Middle East paved the way to CMMC

Cybersecurity Maturity Model Certification version 2.0 could  take effect as early as May 2023 mandating detailed audits of the cybersecurity practices of any company that hopes to do business with the Department of Defense.

Make no mistake, CMMC 2.0, which has been under development since 2017, represents a sea change. The DoD is going to require contractors up and down its supply chain to meet the cybersecurity best practices called out in the National Institute of Standards and Technology’s SP 800-171 framework.

I sat down with Elizabeth Jimenez, executive director of market development at NeoSystems, a Washington D.C.-based supplier of back-office management services, to discuss the prominent role managed security services providers (MSSPs) are sure to play as CMMC 2.0 rolls out. For a full drill down, please give the accompanying podcast a listen. Here are my takeaways:

Passing muster

CMMC 2.0 sets forth three levels of cybersecurity certification a company can gain in order to provide products or services to the DoD, all having to do with…