Return to the list of client alerts

CMMC Likely Going Federal Gov. Wide

For those of you who are not Pentagon watchers, CMMC is the new security standard that the DoD is pushing down on 300,000 defense contractor companies plus their supply chain.

The GSA, the executive branch’s procurement folks, announced that they want to get ahead on training contracting officers as the Cybersecurity Maturity Model Certification becomes standard in government contracts.

Just to be clear, that does not mean tomorrow.

I have also heard that the Pentagon is talking with the Brits, the Canadians, the Australians and others about sharing the CMMC love.

Keith Nakasone, the GSA’s deputy assistant commissioner for IT acquisition, says that he GSA is creating ordering guides for contracting officers who use government wide acquisition contracts (that contain CMMC requirements). We have already seen two of these – Astro and Stars.

Bottom line, if you sell to the federal government – or to other friendly governments – you have a couple of choices:

1. Find a different line of business
2. Get ready for CMMC now in an orderly fashion
3. Panic later

We recommend option 2.

If you have questions or need help, please contact us.

Credit: Federal Computer Weekly