Katie Arrington, DOD’s chief information security officer for the Office of the Undersecretary of Defense for Acquisition and Sustainment, recently announced the Cybersecurity Maturity Model Certification (CMMC) for NIST 800-171. In 2020, certification will be required to secure and renew government contracts. CMMC certification requires an audit by an approved 3rd party to validate cybersecurity practices, which will result in a “yes” or” no”, pass/fail situation.
Because the government is making cybersecurity a requirement, they have also made it an allowable cost on contracts. Essentially, businesses can submit compliance costs as part of the overall bid, which will be reimbursed by the government in the contract award.
Take the first step in being NIST 800-171 cyber compliant a priority today, so you don’t lose your government contracts tomorrow.