A survey published by Tier 1 Cyber and highlighted in FedScoop shows that few Department of Defense (DoD) contractors are aware of the coming Cybersecurity Maturity Model Certification (CMMC) that is coming in the fall of 2020.
Here is what you need to know:
- Tier 1 Cyber survey found that only 24 percent of responding government contractors could identify the acronym “CMMC.”
- The survey was conducted in November and solicited responses from a random sample of 150 government contractors with revenues of more than $15 million annually. Two-thirds of the respondents were DOD contractors with the vast majority employing more than 1,000 people.
- The survey did find that only 12 percent of the defense contractors surveyed said they trust their vendors.
- Government contractors said they recognize the importance of cybersecurity, but few have implemented mitigation efforts or established guidelines through their supply chain – though no data was provided in the FedScoop story to quantify that statement.
The concern about cybersecurity continues to grow as the United States defense industry comes under increasing attacks from foreign states and rogue actors.
The CMMC initiative is designed to end “self-assessments” in security and provide a structured cybersecurity review by an approved third-party and a framework for compliance based on standards.
Starting in the fall of 2020, DoD contracts will start to require government contractors to have specific levels of CMMC in order to be eligible for contracts.
To read the full story: Survey finds DOD contractors know little about forthcoming cyber standards