Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home News

DOD Finalizes Rules for Contractors

October 14, 2024
Reading Time: 2 mins read
in News
DOD Finalizes Rules for Contractors

The U.S. Department of Defense (DoD) has officially announced the finalization of its Cybersecurity Maturity Model Certification (CMMC) 2.0 rule, a significant development aimed at bolstering cybersecurity standards among defense contractors. This new rule introduces a tiered system that simplifies compliance requirements for contractors managing sensitive unclassified information, reflecting the DoD’s ongoing commitment to safeguarding national security. The updated CMMC framework reduces the number of assessment levels from five to three, allowing small and medium-sized businesses to more easily navigate the certification process.

One of the most notable changes in the CMMC 2.0 rule is the introduction of third-party compliance assessments for contractors in the second and third tiers. This shift from self-assessments to external evaluations seeks to enhance accountability and ensure that defense contractors adhere to stringent security standards. By verifying compliance with existing protections for federal contract information, the DoD aims to mitigate risks associated with cybersecurity threats and protect sensitive data more effectively.

The new rule, set to be published in the Federal Register on October 15, 2024, establishes clear requirements for each tier. Level 1 contractors will handle federal contracting information, while Levels 2 and 3 will manage specific controlled unclassified information. Level 2 contractors must implement 110 security measures from NIST SP 800-171, and Level 3 contractors will be required to fulfill both Level 1 and Level 2 requirements, in addition to 24 extra measures from NIST SP 800-172. This structured approach ensures that contractors adopt increasingly advanced cybersecurity practices in alignment with the sensitivity of the information they handle.

To further support compliance efforts, the DoD has introduced plans of action and milestones, providing a roadmap for businesses seeking certification. Level 3 contractors who do not meet specific security standards will have 180 days to develop and implement action plans post-assessment. The DoD’s emphasis on accountability and ethical standards reflects its determination to maintain public trust while protecting sensitive information from potential threats. As the implementation of the CMMC 2.0 program begins in 2025, the DoD urges all contractors within the Defense Industrial Base to proactively assess their cybersecurity measures and prepare for upcoming evaluations.

Reference:
  • US Department of Defense Finalizes Cybersecurity Maturity Model Certification Rule
Tags: CMMCCyber NewsCyber News 2024Cyber threatsCybersecurityDepartment of defenseDODFrameworkOctober 2024USA
ADVERTISEMENT

Related Posts

UK Romance Scams Net Fraudsters $144 Million

Google Launches AI To Fight Scams In India

June 17, 2025
UK Romance Scams Net Fraudsters $144 Million

UK Romance Scams Net Fraudsters $144 Million

June 17, 2025
WhatsApp Status Ads Arrive With Privacy Vow

WhatsApp Status Ads Arrive With Privacy Vow

June 17, 2025
Arsen Launches AI Vishing Sim for Large-Scale Voice Phishing

Danish Agency Ditches Microsoft for Digital Independence

June 16, 2025
Arsen Launches AI Vishing Sim for Large-Scale Voice Phishing

Arsen Launches AI Vishing Sim for Large-Scale Voice Phishing

June 16, 2025
Arsen Launches AI Vishing Sim for Large-Scale Voice Phishing

Kali Linux 2025.2 Released with New Tools

June 16, 2025

Latest Alerts

Water Curse Group Hits Developers Via GitHub

XDSpy Exploits Windows LNK Zero Day

CISA Warns Of Apple Zero Click Exploit

PyPI Malware Steals AWS, CI/CD, macOS Data

IBM Backup Service Flaw Allows Elevated Access

Image Hiding in DNS TXT Records

Subscribe to our newsletter

    Latest Incidents

    Zoomcar Data Breach Hits 8.4 Million Users

    Qilin Gang Leaks Asefa FC Barcelona Data

    Gunra Claims 45TB Hack On Colombia Justice

    Hackers Leak 10K VirtualMacOSX Customer Data

    Canada WestJet Airline Contains Cyberattack

    Washington Post Investigates Cyberattack on Emails

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial