Skip to content
Len Tudisco February 21, 2020 1 min read

CMMC Version 1.0 is Released

To increase the cybersecurity posture of companies operating in government supply chains, the Department of Defense announced the creation of the Cybersecurity Maturity Model Certification (CMMC) in 2019, and a draft was made available.

On January 30, 2020, the DoD released Version 1.0 to the public. (Version 2.0 was announced on November 4, 2021.)

NIST Special Publication 800-171 covers the protection of "Controlled Unclassified Information" (CUI) defined as information created by the government, or an entity on behalf of the government, that is unclassified, but needs safeguarding.

How to Prepare for CMMC

In CMMC 1.0, there was no longer an option for self-attestation. That has changed in CMMC 2.0.

CMMC

from Acquisition & Sustainment, Office of the Under Secretary of Defense

Can We Do It Ourselves?

Whether or not you can self-attest to CMMC depends on the level of CMMC you need to comply with and the type of information you are handling in fulfilling a DoD contract.

 

What is CMMC compliance?

 

What's New in CMMC Version 1.0

There are many similarities in CMMC compared to NIST 800-171, and the goal remains the same: to protect CUI within government supply chains.

cmmc-levels

Technology Changes AND Process Changes

Cybersecurity is not a shopping cart where a secure IT environment requires nothing more than a full checklist. Instead, it is a combination of both technology changes and business process changes. This has always been our focus at Corserva.

Becoming CompliantRPO

If you've been putting off dealing with NIST 800-171 compliance and how CMMC impacts you, contact Corserva, we can help. We provide assessments for NIST 800-171 and CMMC readiness services.

Corserva is a CMMC-AB Registered Provider Organization™ (RPO), and we are listed on the Marketplace for the CMMC Accreditation Body (CMMC-AB).

TALK TO AN EXPERT

avatar

Len Tudisco

Len has extensive experience helping SMB to enterprise companies leverage technology to drive innovation and business performance. He has over 30 years of IT experience across a wide range of industries and business disciplines, with roles in software engineering, IT management, outsourcing, consulting, project management, and business development.