CMMC 2.0 Final Ruling - Open Forum withShort Arm Solutions

The U.S. Department of Defense (DoD) on October 15th, 2024 published its long-anticipating first part of the final rule (32 CFR) for the Cybersecurity Maturity Model Certification (CMMC) program.

The program will require third-party verification for contractors working with controlled unclassified information (CUI) confirming that contractors are meeting existing DoD cybersecurity standards and a self-assessment by contractors that have Federal Contract Information (FCI) showing that they are in compliance with the 15 controls in Federal Acquisition Regulation (FAR) 52.204-21.

What does this mean? For Contractors? How do enterprise adhere to the new standards - and document their process to prove that they are compliant?

To help answer this, we have D.o.D. experts, Jeff Chao of Short Arm Solutions.

To learn more about YouAttest and how we can help secure your identities, contact us at [email protected]