The Defense Industrial Base (DIB) sector and the supply chain of the Department of Defense (DoD) are the target of malicious cyber attacks. In their report entitled “The Cost of Cybercrime,” Accenture security in conjunction with the Ponemon Institute, estimates the total value at risk from cybercrime is US$5.2 trillion over the next five years.
In efforts focused on the security and resiliency of the 300000 member DIB sector, the DoD is working to enhance the protection of the following types of unclassified information within the supply chain:
- Federal Contract Information (FCI)
- Controlled Unclassified Information (CUI)
Towards this end the Office of the Undersecretary of Defense for Acquisition and Sustainment has developed the Cybersecurity Maturity Model Certification (CMMC) framework. DOD has made compliance with the various levels of the CMMC required for ALL defense contractors who wish to bid on any DOD contract, phased in over the next 5 years.
We will introduce this CMMC framework and the components, processes, and practices which make the CMMC.