The Pentagon's proposed rule aims to enforce cybersecurity standards for Controlled Unclassified Information (CUI) under the Cybersecurity Maturity Model Certification (CMMC) 2.0, crucial in vendor contracts.
CMMC 2.0 introduces a new tiered system of compliance, allowing some companies dealing with the least Controlled Unclassified Information to conduct self-assessments, easing previous burdens.
The amendments require contractors to present a current CMMC certification or self-assessment upon contract award if their work involves CUI, ensuring enhanced cybersecurity compliance.
This overhaul stems from industry feedback indicating that the previous CMMC 1.0 regulations were overly stringent and costly, demonstrating the DoD's responsiveness in refining cybersecurity standards.
[
Collection
]
[
|
...
]