Is the mist starting to clear for CMMC? Next stop implementation.
I don’t foresee the biggest challenge for CMMC being defining the rules, guidance and certification. The biggest challenge as with all cyber security programmes, will be implementation and finding cyber experts. There are simply not enough experienced resources in the market place. DFARS has been specific in its requirements for NIST 800 – 171 r2 for some time. Cyber incidents have shown that not all DIBs have adopted cyber security practices as one would expect. Which in my experience does not make them stand out from many other industry sectors. The only difference will be that if CMMC makes it into DFARS there will be a requirement for accreditation and assurance of the standards. Irrespective of CMMC companies should be preparing for cyber security. Implementing basic cyber hygiene and developing cyber maturity is something all boards should adopt as a matter of course. Protecting the organisation from serious long term damage.
2 thoughts on “Is the mist starting to clear for CMMC? Next stop implementation.”
Your article helped me a lot, is there any more related content? Thanks!
Can you be more specific about the content of your article? After reading it, I still have some doubts. Hope you can help me. https://accounts.binance.com/es/register?ref=V2H9AFPY