Fifty-eight percent of defense contractors are unprepared to meet the requirements for the Pentagon’s Cybersecurity Maturity Model Certification program, according to a survey conducted by the Defense Department initiative’s first authorized third-party assessment organization.
A survey conducted by Redspin found that over half of respondents did not feel prepared for CMMC’s requirements, which will go into effect by mid-2025.
The Defense Department’s Cybersecurity Maturity Model Certification final rule may be in effect, but there is still a significant readiness gap in the defense industrial base, according to a new report released by cybersecurity company Redspin.
Research Shows 58 Percent of Defense Supply Chain Members Feel Unprepared for CMMC
CMMC is now in effect, leaving no room for delay. Organizations must act now to implement requirements or risk falling behind in securing future Defense Department contracts.
Redspin’s VP & CISO, Thomas Graham, emphasizes the need for further guidance on FedRAMP equivalency, a critical area impacting contractors under the final CMMC rule.