Department of Defense Moves up Timeline for CMMC Compliance

July 22, 2022
In 2021, the Department of Defense announced a new strategic effort to provide enhanced cybersecurity efforts for their building projects going forward. The Cybersecurity Maturity Model Certification (CMMC) will ensure accountability for companies to implement cybersecurity standards to protect sensitive data during the design, build and operations of DoD facilities. Through research grants by the John R. Gentille Foundation and Electri Foundation, a video series has been produced by MCAA’s Chief Security Fanatic, Nick Espinosa to provide an update on the process. Recently, the DoD has updated their timeline for CMMC and plan on publishing their initial requirements in March 2023 for the 60-day review and comment period. Once completed, the first phase of CMMC compliance will go into effect with a self-assessment that must be completed by every contractor working on a DoD project.

In 2021, the Department of Defense announced a new strategic effort to provide enhanced cybersecurity efforts for their building projects going forward. The Cybersecurity Maturity Model Certification (CMMC) will ensure accountability for companies to implement cybersecurity standards to protect sensitive data during the design, build and operations of DoD facilities. Through research grants by the John R. Gentille Foundation and Electri Foundation, a video series has been produced by MCAA’s Chief Security Fanatic, Nick Espinosa to provide an update on the process.

Recently, the DoD has updated their timeline for CMMC and plan on publishing their initial requirements in March 2023 for the 60-day review and comment period. Once completed, the first phase of CMMC compliance will go into effect with a self-assessment that must be completed by every contractor working on a DoD project. The second phase, which requires third-party auditing of a contractor’s cybersecurity practices has not yet been established, but projected to take place in 2025. 

The CMMC program includes cyber protection standards for companies in the defense industrial base (DIB). By incorporating cybersecurity standards into acquisition programs, CMMC provides the Department assurance that contractors and subcontractors are meeting DoD’s cybersecurity requirements. For plumbing, mechanical and service contractors working on DoD projects, this means that they will have to document and upgrade safe data practices, increase the security level of their software and certify that these standards have been met through third-party auditors. 

Eleven new cybersecurity best practices videos have been added to the series and as the standard develops, the John R. Gentille Foundation will provide additional videos and materials. These are practical for all contractors, not just those working on DoD projects in order to protect your business and your customers. This includes:

Related Articles
Mechanical contractors may benefit from Employee Stock Ownership Plans, innovative planning devices allowing for tax-favored transfers of stock ownership in a closely held business. MCAA’s Employee Stock Ownership Plans reviews the benefits and disadvantages of these plans to assist in strategic planning. It’s just one of MCAA’s educational resources that are free to MCAA members as a benefit of membership.…
Mental health awareness is a growing priority in the mechanical industry. At the 2023 MCAA Safety Conference, hear from Josh Rizzo, a Bronze Star Medal recipient and longtime construction industry expert, on how to lead while taking care of yourself and the teams you serve. Join us January 17-19, 2023, in San Diego, CA. Register today!…
MCAA’s National Education Initiative (NEI) Seminars bring our best programs to your local association or your company thanks to instructors like Frank Favaro, President of ServeCentric Coaching in Cleveland, OH. Frank teaches sales employees where other companies drop the ball when it comes to customer interactions, relationships, and service and how to avoid those same mistakes.…
MCAA’s Virtual Trade Show connects our contractor members with the members of MCAA’s Manufacturer/Supplier Council.…

Join us December 8 at 3 p.m. EST for a webinar on Clean Energy: Geothermal Energy Exchange and learn about the next evolution of infrastructure from geothermal HVACR technologies expert, Jay Egg.
Register now: https://lnkd.in/eWGqY24R

MCAA’s 2023 Safety Conference includes 50+ hours of education from subject matter experts, plus inspiring keynote speakers like Josh Rizzo. Join us January 17-19, 2023, in San Diego, CA. Register today!

https://mcaaevents.org/safety-conference/

Providing top notch, accessible education for your organization is what the National Education Initiative (NEI) is all about! Meet instructor Frank Favaro and see a full list of the courses available, including virtual options.

http://ow.ly/POrF50LP0vN

3 days left to secure early bird pricing for the 2023 MEP Innovation Conference powered by @TrimbleCorpNews @MilwaukeeTool @procoretech! 3 days with over 30 breakouts, 5 demos, 4 general sessions, 3 facility tours, and lots of networking >> http://ow.ly/KVhc50LQtsA

Load More...