The CMMC draft and review cycle is well underway and consists of many cybersecurity frameworks. Building upon the previous DFARS 7012 requirements, contractors will be evaluated based upon the implementation of actual technical controls in addition to their documentation and policies. These evaluations will lead to a level certification of 1 to 5, 5 being the most secure. The higher your company certifies, the more contracts you will be eligible to bid on.
According to the Office of the Under Secretary of Defense, the CMMC level requirement will flow down to all subcontractors. They also state all future RFPs will require a CMMC level regardless of handling Controlled Unclassified Information (CUI).
Topics Covered in the Webinar Recording
CMMC Rev 0.4 Overview
Practice and Process Reference Documents
CMMC Domains and Controls
For more on the Cybersecurity Maturity Model Certification, check out our write up "What is CMMC?".