Request Demo

Current CMMC Milestones For 2020

down-arrow

The Cybersecurity Maturity Model Certification (CMMC) framework is the upcoming revamp of the Department of Defense (DoD) cybersecurity requirements to secure the defense industrial base (DIB) and supply chain. The certification levels, tiers, will range from basic to advanced and adaptive cybersecurity programs in a greater effort to secure and protect controlled unclassified information (CUI). All members of the DIB and DoD contractors, ranging from small businesses to prime contractors, must meet the required CMMC level to maintain existing and win new contracts.

What Are The Current CMMC Milestones For 2020?

To provide some clarity around the Cybersecurity Maturity Model Certification (CMMC)'s milestones, we've written up a high-level outline of important dates from the release of V1 in January 2020 and probable deadlines you should consider when implementing and complying with CMMC.

Disclaimer: Please note this information may change in accordance with the CMMC Accreditation Board (CMMC AB) CMMC decision making and information sharing process.

Q1 2020 - Version 1.0 of the Cybersecurity Maturity Model Certification description was published to the public on January 31, 2020.

Soon after CMMC V.1.0 was released, the independent CMMC Accreditation Board (CMMC AB) started coordinating assessor training and accreditation plans in partnership with CMMC stakeholders to release training for CMMC Levels 1, 2, and 3 by the end of Q1 2020 (March 31, 2020).

Q2 2020 - During June, the first set of RFIs reflecting CMMC will be released in time for the CMMC AB to start training independent CMMC Level 1, 2, and 3 auditors.

CMMC Milestones After 2020 and Beyond?

  • Vendors and suppliers should expect a significant amount of training, assessment, and audit activity in the third quarter.
  • CMMC Levels 4 and 5 certification training will begin in September 2020.
  • According to Pentagon Acquisition Chief Ellen Lord - Starting in Q4 2020, ALL contracts need to include the appropriate CMMC certification in their award criteria.
    • To phase in CMMC changes and related contracts, the DoD intends to limit the CMMC requirement to just 10 RFIs and RFPs in 2020. The remaining new contract requirements will roll out in 2021 with the goal being - ALL new DoD contracts beginning in FY 2026 will meet the CMMC requirement.

According to Arrington, the DoD expects CMMC third-party assessors to certify about 1,500 vendors in 2021, 7,500 more in 2022, and 25,000 more by 2023.

Your CMMC Compliance Needs

CyberSaint is here to support every step of your CMMC readiness journey in many ways, like keeping you updated on the latest CMMC news and providing CMMC readiness assessments and or training.

You may also like

CIP-013 Implementation: Know ...
on April 8, 2020

As the deadline for NERC CIP-013 compliance approaches, power and utility organizations are focused on implementing supply chain risk management strategy across their global ...

Alison Furneaux
What to Know About Scaling NERC ...
on April 8, 2020

NERC CIP currently stands to be the oldest and most critical regulatory framework for protecting and securing our bulk electric systems as a whole as it relates to cybersecurity. ...

Why Glass-Box Reporting Beats ...
on April 7, 2020

In the wake of the Equifax and Marriott breaches, it is no secret that cybersecurity has made its way into the Boardroom. While many executives are experienced in managing myriad ...

Guidance for CIP-013: Effective ...
on April 2, 2020

Updated April 2, 2020 - Latest NERC CIP-013 Guidance NERC CIP-013 Overview On July 21, 2016, the Federal Energy Regulatory Commission (FERC) issued Order No. 829, directing the ...

Alison Furneaux
8 NIST Security Controls to Focus ...
on March 30, 2020

In times like these, attacks are exponentially more prevalent throughout some of our most prominent sectors. For information security leaders who have been working toward the ...

Three Areas of Cybersecurity ...
on March 27, 2020

These are strange times. As information security leaders across the globe watch their attack surface multiply with the rise of remote work, catalyzed by COVID-19, cybersecurity ...