National Defense Magazine, August 15, 2024 | 3 min read
The article discusses the 45 CFR CMMC proposed rule by the Defense Department to integrate Cybersecurity Maturity Model Certification (CMMC) requirements into defense contracts.
It details how the rule mandates certification levels based on the type of information handled, includes flow-down requirements for subcontractors, and introduces a phased rollout over three years to minimize disruptions, particularly for small businesses.
The rule aims to enhance supply chain cybersecurity in light of increasing cyberattacks. Public comments are being accepted until October 15, 2024.