CMMC 2.0 final rule released: New compliance standards set to begin next year

CMMC 2.0 final rule released: New compliance standards set to begin next year

Briefly

The final rule for CMMC 2.0 introduces new compliance standards for defense contractors, shifting from five levels to three, with a mandatory phase-in period.

Breaking Defensehttp://breakingdefense.com/2024/10/cmmc-2-0-final-rule-released-new-compliance-standards-set-to-begin-next-year/

Starting in 2025, all defense contractors must be CMMC compliant upon contract award, with a three-year phase-in to align with the new regulations.

Breaking Defensehttp://breakingdefense.com/2024/10/cmmc-2-0-final-rule-released-new-compliance-standards-set-to-begin-next-year/

Only 4% of contractors were CMMC compliant based on third-party assessments, despite 75% believing they were compliant after self-assessments, showcasing issues with self-regulation.

Breaking Defensehttp://breakingdefense.com/2024/10/cmmc-2-0-final-rule-released-new-compliance-standards-set-to-begin-next-year/

CMMC 2.0 mandates third-party assessments for Level 2 and Level 3 contractors, streamlining the compliance process while ensuring that 24 security controls from NIST are met.

Breaking Defensehttp://breakingdefense.com/2024/10/cmmc-2-0-final-rule-released-new-compliance-standards-set-to-begin-next-year/