DoD contractors and subcontractors will soon be required to comply with the Cybersecurity Maturity Model Certification (CMMC), a framework of cybersecurity practices and procedures.
A CMMC assessment will be required over the next five years and must be performed by a CMMC third-party assessor organization (C3PAO). As implementation of the framework begins, DoD has designated a group of “provisional assessors” based on industry experience. The first handful of assessors includes someone from Oklahoma City’s own Guernsey, which has helped companies improve processes and documentation to prepare companies to pass a CMMC assessment.
Learn more about Guernsey’s cybersecurity consulting.
– Timothy Fawcett, CISSP, CISA is the Director of Cybersecurity Consulting at Guernsey