Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home News

Cybersecurity Certification for Contractors

December 28, 2023
Reading Time: 2 mins read
in News
Cybersecurity Certification for Contractors

The U.S. Department of Defense has unveiled a pivotal proposed rule for the Cybersecurity Maturity Model Certification (CMMC) program, aimed at streamlining compliance and fortifying safeguards for sensitive data against cyber threats. This long-awaited rule introduces a tiered security framework tailored for contractors and subcontractors handling sensitive unclassified information.

The tiers span three levels, with Level 1 encompassing fundamental security measures and Level 3 mandating the most advanced protocols. Contractors falling within CMMC levels 2 and 3 will undergo third-party compliance evaluations. Moreover, these contractors must attain specific CMMC levels to vie for particular contract awards, as outlined in the draft. This initiative, labeled “CMMC 2.0,” was initially outlined by the Defense Department back in November 2021.

The extensive 200-page draft delineates precise security requisites corresponding to each tier, with Level 1 contractors tasked with implementing 15 security measures stipulated in the Federal Acquisition Regulation. As the tiers progress, the requirements become more rigorous. For instance, Level 2 contractors must adhere to 110 security measures from NIST SP 800-171, in addition to fulfilling Level 1 criteria. Meanwhile, Level 3 contractors must comply with Level 1 and Level 2 prerequisites, alongside 24 supplementary security measures from NIST SP 800-172.

The Pentagon plans to evaluate Level 3 security adherence and grants contractors 180 days post-assessment to devise and execute action plans to fulfill any unmet security requirements. While Level 1 contractors handle federal contracting information, Level 2 and 3 contractors manage controlled unclassified information. All CMMC contractors must report their security assessments to the Defense Department, although Levels 1 and 2 are permitted to conduct self-assessments.

By delegating self-assessments to the initial tiers of contractors, the Pentagon anticipates cost savings, reserving resources from the Defense Industrial Base Cybersecurity Assessment Center for the final tier’s evaluations. This proposed rule marks a pivotal step in fortifying cybersecurity measures within the defense industrial base while promoting greater transparency and accountability among contractors.

Reference:
  • US Department of Defense Unveils CMMC 2.0 for Strengthened Cybersecurity Measures
Tags: CMMCCyber NewsCyber News 2023Cyber RiskCyber threatsCybersecurityDecember 2023Department of defensesecurity adherence
ADVERTISEMENT

Related Posts

UK Government Shifts to Passkey Security

Google Deploys AI to Combat Scams on Chrome

May 9, 2025
UK Government Shifts to Passkey Security

The Nmap Project released Nmap 7.96

May 9, 2025
UK Government Shifts to Passkey Security

UK Government Shifts to Passkey Security

May 9, 2025
Kirsten Davies Nominated as Pentagon CIO

Kirsten Davies Nominated as Pentagon CIO

May 8, 2025
China’s Cyber Power Raises UK Concerns

China’s Cyber Power Raises UK Concerns

May 8, 2025
Europol Takes Down Global DDoS Services

Europol Takes Down Global DDoS Services

May 8, 2025

Latest Alerts

X Scam Targets Crypto Users with Fake Ads

FBI Warns Cybercriminals Exploit Routers

FreeDrain Phishing Steals Crypto Funds

CoGUI Targets Consumer and Finance Brands

COLDRIVER Hackers Target Sensitive Data

Cisco Fixes Flaw in IOS Wireless Controller

Subscribe to our newsletter

    Latest Incidents

    LockBit Ransomware Data Leaked After Hack

    Spanish Consumer Group Faces Cyberattack

    Education Giant Pearson Hit by Data Breach

    Masimo Cyberattack Disrupts Manufacturing

    Cyberattack Targets Tepotzotlán Facebook

    West Lothian Schools Hit by Ransomware

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial