The DoD has updated its DFARS rules from the existing clause to three new clauses to allow enforcement of CMMC for DoD contracts.
The necessity to protect data is one not limited to private sector businesses that store, manage and process personally identifiable information (PII). In fact, government agencies such as the Department of Defense (DoD) also need to evaluate, review and enhance cybersecurity measures both internally and with contractors.
Cybercrime costs the U.S. economy between $57 billion and $109 billion every year. Although there have been guidelines for meeting cybersecurity benchmarks in the past, all DoD contractors are now subject to Cybersecurity Maturity Model Certification (CMMC).