Parabilis – So, what’s the deal with CMMC?

So, what’s the deal with CMMC?

Written By Theresa Moon

CMMC 2.0 is at the forefront of many businesses’ agenda as we hear more and more of how the deadlines will come fast and furious and the demand of the assessors will be on a first come first serve basis. We are fortunate to have cybersecurity partners that are leading the charge to get contractors ready for what is to come. Our resident expert is, Fernando Machado, CEO of Cybersec Investments. He was gracious enough to share some of his best insight into the road ahead and what you should be focusing on now with regard to CMMC compliance.

Cybersec Investments has more than 10 years of experience working with the Department of Defense, and Fernando is a CMMC Provisional Assessor, and Cybersec Investments is a Candidate CMMC 3rd Party Assessor Organization (C3PAO). Fernando and his team take great pride in addressing the challenges his clients face with ever-changing and evolving aspects of technology and security.

We have seen many adjustments to the Cybersecurity Maturity Model Certification (CMMC) since it’s 2020 rollout. Most recently the DOD said they will begin paper-based assessments on DOD contractors, and divulged that rulemaking for this certification is set to be concluded in May 2023, and initial requirements appearing in DOD contracts 60 days later.

Mr. Machado recommends initiating the compliance process now, especially if you have DFARS 7012 written into your contract. Depending on how mature your organization is, CMMC level 2 compliance can take anywhere from 8 months to a year, and the demand on cyber professionals will increase as time goes on, so time is of the essence with regard to aligning your plan of action for this purpose. If you would like a consultation on needed services and to understand what lies ahead for your contractor, you can reach out to Cybersec Investments for knowledgeable, straightforward and honest assistance with your compliance needs. www.cybersecinvestments.com

Don’t delay and miss out on or lose contract opportunities because you were not compliant with this certification.

Article Originally posted for Parabilis on April 22, 2022