← Cybersecurity Alphabet Soup

CMMC

Cybersecurity Maturity Model Certification

governancemedium

The US Department of Defense program that requires defense contractors to prove they meet cybersecurity requirements before winning contracts. It builds on NIST SP 800-171 controls for protecting controlled unclassified information, with tiered levels and third-party assessments. It matters because it turns cybersecurity from a self-attested checkbox into a verified condition of doing business with the DoD.

Sources

More in governance