In 2021, the Department of Defense announced a new strategic effort to provide enhanced cyber security efforts for their building projects going forward. The Cybersecurity Maturity Model Certification (CMMC) will ensure accountability for companies to implement cybersecurity standards to protect sensitive data during the design, build and operations of DoD facilities. Through research grants by the John R. Gentille Foundation and Electri Foundation, a video series has been produced by MCAA’s Chief Security Fanatic, Nick Espinosa to provide an update on the process.
Recently, the DoD has simplified and revised the CMMC to make it more streamlined and faster in what they are calling, “CMMC 2.0”. The new version helps to cut the red tape for small and medium sized businesses, sets priorities for protecting information and updates the requirements to address the evolving cyber threats and best practices.
The CMMC program includes cyber protection standards for companies in the defense industrial base (DIB). By incorporating cybersecurity standards into acquisition programs, CMMC provides the Department assurance that contractors and subcontractors are meeting DoD’s cybersecurity requirements.
For plumbing, mechanical and service contractors working on DoD projects, this means that they will have to document and upgrade safe data practices, increase the security level of their software and certify that these standards have been met through third-party auditors.
Six new cybersecurity best practices videos have been added to the series, and as the standard develops, the John R. Gentille Foundation will provide additional videos and materials. These are practical for all contractors, not just those working on DoD projects in order to protect your business and your customers. Currently, the six best practice videos include: