CMMC Hub

   Under the Department of Defense's Cybersecurity Maturity Model Certification Program, government contractors will be required to verify that they meet the cybersecurity safequarding requirements that correspond to the CMMC level that is assigned to their government contracts.  DoD has just finalized its DFARS regulation that will incorporate CMMC requirements into government contracts, and that regulation will become effective November 9, 2025.  CMMC requirements will be phased into DoD contracts over a three year period and will be implemented into most DoD contracts that are not for commercially available off-the-shelf (COTS) items after November 9, 2028.