Consider This Another CMMC Reminder
Machine shops serving the military/defense industry that currently aren’t working toward achieving Cybersecurity Maturity Model Certification could be caught flat-footed once it’s required.
Is Cybersecurity Maturity Model Certification on your radar? It better be if you want to keep or win future DOD work. (Photo credit: U.S Department of Defense)
I’ve been beating the Cybersecurity Maturity Model Certification (CMMC) drum for a while and will continue to do so. Here I list three articles that I feel are good resources for machine shops serving the military/defense industry.
In this article, Dustin Mobley, cybersecurity analyst for Vestige Digital Investigations, explains that on December 26, 2023, the Department of Defense (DOD) published its proposed rule for CMMC to the Federal Register. His article states that “publication of the proposed rule began a 60-day commenting period that will close on February 26, 2024.” Which is today. This is a good read as it addresses “changes the proposed rule brings or more importantly, what these changes mean to your organization,” as the article states.
This article from Vestige’s President, CEO and Founder Damon Hacker, explains that there are various ways machine shops that serve the military/defense industry can achieve CMMC, offering a few to consider.
Finally, this article reminds us that achieving CMMC takes time and money. It describes some of the challenges that Wooster, Ohio’s Midway Swiss Turn, a 10-person machine shop, faced and lessons it learned after embarking on its CMMC voyage.
So, again, if your shop serves the defense/military industry, please be mindful of CMMC. Without certification, you will at some point lose business.