What is the Cybersecurity Maturity Model Certification?
The Cybersecurity Maturity Model Certification (CMMC) is a certification established by the U.S. Department of Defense (DoD) to establish a uniform cybersecurity standard for DoD contractors and vendors based on several cybersecurity control standards, such as NIST SP 800-171, NIST SP 800-53, ISO 27001, and ISO 27032, among others.
By measuring a vendor’s cybersecurity maturity across five levels aligned to both cybersecurity practices and processes, the CMMC aims to ensure that contractors appropriately protect Federal Contract Information (FCI) and Controlled Unclassified Information (CUI).