Much like most operating programs/projects/entities within the Department of Defense (DoD) enforce the Federal Information Security Management Act (FISMA) and Risk Management Framework (RMF – NIST Special Publication 800-53), the new Cybersecurity Maturity Model Certification (CMMC) is the DoD’s attempt at commonly securing and documenting the cyber controls of it’s Defense Industrial Base (DIB). Following repeated cyberattacks on the DIB, the DoD decided to enforce standards and checks on its contractors and its periphery, much like any program operating on a US Government system. Particularly DIB’s with the following information stored or accessible across that entity’s systems. Beyond that, it … Read More