Cyber-attacks disrupt business operations and put intellectual property and sensitive information at risk. In a 2018 report, the Council of Economic Advisers (CEA) estimated that malicious cyber activity costed the U.S. economy between $57 billion and $109 Billion in 2016 (Source). Another report by the Center for Strategic and International Studies (CSIS), in partnership with McAfee, states that about $600 billion, nearly one percent of global GDP, is lost to cyber-crime annually (Source).
Cybersecurity Maturity Model Certification (CMMC)
In late 2021, the Department of Defense (DoD) released the Cybersecurity Maturity Model Certification (CMMC 2.0). This new guideline and certification process rolls in various cybersecurity standards and best practices into a three-level framework to ensure cybersecurity is met at the appropriate level across all federal acquisition processes. All level 2 and level 3 companies interested in contracting with the DoD, including subcontractors, must be certified through an accredited independent third party organization, while level 1 companies must perform a self-assessment. We expect to see CMMC levels incorporated into Requests for Information as early as June 2020.
Department of Defense Resources:
While PTACs are not certifiers, PTAC counselors are able to help clients who are DoD Primes and Subs step through the Level 1 requirements as they are not highly technical. For higher levels of certifications, PTAC counselors are able to guide clients through the framework and available tools and refer them to other accredited independent third party organizations. For further assistance contact your Procurement Specialist or Apply for services.
Below are links to learn more about the risks of cyber-attacks, self-assessment tools, and the latest regulations.
- PTAC at Del Mar College | Readiness Review Level 1
- Department of Defense | Supplier Performance Risk System (SPRS)
- Norcal PTAC | Recorded Webinars on Cybersecurity [10/2019, 4/2020, 9/2020]
- SBA | Small Business Cybersecurity
- CMMC Accreditation Body
- Procurement Integrated Enterprise Environment (PIEE)