CMMC 2.0 is Coming, Don’t Wait or it will be too Late!

A journey started in 2020 with the development of the Cybersecurity Maturity Model Certification (CMMC) 1.0, and the implementation of interim rules to roll all Defense Industrial Base (DIB) contractors into the Supplier Performance Risk System (SPRS) reporting requirements. Now we are waiting for CMMC 2.0 federal rule-making to be completed and there is plenty of speculation as to what the final rule will demand of DIB companies.

So what should DIB companies be doing now? Especially small to medium-sized companies with limited resources, how do they get started?

These are good questions, and we’ll discuss the ways companies can begin to address the CMMC 2.0 requirements, but the bottom line upfront is: Don’t Wait or it will be Too Late!

CMMC 2.0 Brings Increased Expectations

One of the most significant changes with the CMMC 2.0 environment is that the Department of Defense (DoD) will link compliance with requirements directly to the DIBs ability to be awarded DoD Contracts.

In addition, there will be more scrutiny placed on an organization's attestation they are doing what they are supposed to.

A significant unknown with CMMC 2.0 is how long organizations will have, once final rule making is complete, to be compliant with the new requirements. Most industry leaders believe that final rule-making will be mostly complete by the end of 2022, with an anticipated issuance of an interim rule and implementation to begin in early 2023.

What Now?

So, the question becomes, as a DIB company, can I afford to wait to begin to secure my environment and manage my Information Security/CMMC program? What if I don’t have the expertise or resources to build and sustain an effective CMMC program? How do I know where or how to start?

Ingalls Information Security can help! Ingalls is a Registered Provider Organization in the CMMC ecosystem with a highly trained staff of Registered Practitioners ready to partner with you on your CMMC Journey. Ingalls CMMC services are also powered by FutureFeed, a powerful CMMC management tool.
Our expert staff, combined with the power of FutureFeed, are prepared to help you wherever you are in your development of a CMMC-compliant program. The Ingalls philosophy is to lift you up to a standard of compliance, guiding you throughout your CMMC journey.

Whether you need to determine your initial SPRS score or need help with the implementation of all CMMC requirements, Ingalls will augment and assist your team in determining your current status, and your target profile, and then will help you get there!.

Ingalls Information Security 

Ingalls Information Security understands cybersecurity.  Since 2010, we’ve been in war rooms and boardrooms, investigating computer networks targeted and attacked by criminals and nation-state-sponsored hackers. 

Ingalls specializes in DoD cyber, offering a full suite of technology-enabled, integrated cybersecurity risk management services. As a key player in the cyber security industry, we know what it takes to secure and protect our nation’s IT infrastructure. We provide comprehensive solutions to support CMMC practices and are ready to help DoD contractors prepare for a CMMC assessment.

If you’d like to learn more, please check out our CMMC service offering or contact us here. One of our DoD cybersecurity experts will be more than happy to assist you and answer any questions you may have.