{"id":2539999,"date":"2023-05-01T20:00:00","date_gmt":"2023-05-02T00:00:00","guid":{"rendered":"https:\/\/platoai.gbaglobal.org\/platowire\/drip7-provides-information-on-the-mandatory-status-of-cmmc-2-0-certification-in-may-2023\/"},"modified":"2023-05-01T20:00:00","modified_gmt":"2023-05-02T00:00:00","slug":"drip7-provides-information-on-the-mandatory-status-of-cmmc-2-0-certification-in-may-2023","status":"publish","type":"platowire","link":"https:\/\/platoai.gbaglobal.org\/platowire\/drip7-provides-information-on-the-mandatory-status-of-cmmc-2-0-certification-in-may-2023\/","title":{"rendered":"Drip7 Provides Information on the Mandatory Status of CMMC 2.0 Certification in May 2023"},"content":{"rendered":"

Drip7, a leading cybersecurity and compliance consulting firm, has recently provided important information regarding the mandatory status of the Cybersecurity Maturity Model Certification (CMMC) 2.0 certification in May 2023. This certification is a requirement for all Department of Defense (DoD) contractors and subcontractors who handle Controlled Unclassified Information (CUI).<\/p>\n

The CMMC framework was developed by the DoD to ensure that contractors and subcontractors handling CUI meet specific cybersecurity standards. The framework consists of five levels, with each level building upon the previous one. The higher the level, the more stringent the cybersecurity requirements.<\/p>\n

The CMMC 2.0 certification is the latest version of the certification and is set to replace the current interim rule that requires contractors to self-attest to their compliance with the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171.<\/p>\n

According to Drip7, all DoD contractors and subcontractors who handle CUI will be required to obtain at least a CMMC Level 1 certification by May 2021. This means that they must demonstrate basic cybersecurity hygiene practices such as using antivirus software and implementing access controls.<\/p>\n

However, by May 2023, all DoD contractors and subcontractors who handle CUI will be required to obtain a CMMC Level 3 certification or higher. This means that they must demonstrate a more robust cybersecurity posture, including implementing advanced security controls and conducting regular vulnerability assessments.<\/p>\n

Drip7 emphasizes that obtaining a CMMC certification is not a one-time event but rather an ongoing process. Contractors and subcontractors must maintain their certification by undergoing regular assessments and audits to ensure that they continue to meet the required cybersecurity standards.<\/p>\n

Failure to obtain or maintain a CMMC certification can result in the loss of DoD contracts and potential legal liabilities. Therefore, it is crucial for contractors and subcontractors to start preparing for the certification process as soon as possible.<\/p>\n

Drip7 offers a range of services to help contractors and subcontractors navigate the CMMC certification process, including readiness assessments, gap analyses, and compliance consulting. They also provide ongoing support to help maintain the certification.<\/p>\n

In conclusion, the mandatory status of the CMMC 2.0 certification in May 2023 is a significant development for DoD contractors and subcontractors who handle CUI. It is essential for them to start preparing for the certification process now to avoid potential consequences in the future. Drip7 is a valuable resource for those seeking guidance and support in achieving and maintaining CMMC compliance.<\/p>\n