top of page

CMMC 2.0 to pare down cybersecurity requirements for contractors

Updated: Nov 22, 2021


The Department of Defense’s cybersecurity compliance program for contractors will be pared down in scope and expectations, according to an acquisition regulation document.

The Cybersecurity Maturity Model Certification (CMMC) will no longer require every contractor to get a third-party certification if they do not touch controlled unclassified data, a change that could reduce the cost of compliance for thousands of contractors.

Under the new CMMC model, which is known as CMMC 2.0, the number of security tiers is being shrunk from five to three. Novel CMMC maturity practices will also be eliminated from the standard.

Click HERE to read the rest of the article.

19 views0 comments

Recent Posts

See All

How inflation is impacting government contracting

Source: Federal News Network New numbers from the Bureau of Labor Statistics are adding to concern that inflation is going to be with us for some time. The impacts to individual pocketbooks are pretty


bottom of page