On September 29, 2020, the Department of Defense (DoD) issued an interim rule which provides for the transition to and implementation of its Cybersecurity Maturity Model Certification (CMMC) program. This new rule amends the Defense Federal Acquisition Regulation Supplement (DFARS) to implement a DoD Assessment Methodology and Cybersecurity Maturity Model Certification framework in order to assess contractor implementation of cybersecurity requirements and enhance the protection of unclassified information within the DoD supply chain.
What does this mean for Vendors?
This new rule becomes effective on November 20, 2020 and requires CMMC Certification at the time of contract award.