The Director of National Intelligence’s annual Worldwide Threat Assessment report has for several years identified cyber threats as one of the most important strategic threats facing the United States. The Department of Defense (DoD) is keenly aware of the multifaceted cyber threats our nation faces and has created CMMC to better defend the vast attack surface that the Defense Industrial Base (DIB) sector presents to adversaries.
DoD is taking a supply-chain risk-management approach to improving cybersecurity. That means that all 300,000 DoD contractors will need to obtain third-party certification that they meet requirements for the CMMC maturity level appropriate to the work they wish to do for the DoD.
Current commercial email and file sharing solutions in the market are insufficient to comply with CMMC for organizations working with Controlled Unclassified Information (CUI). Better alternatives use end-to-end encryption to protect data 100% of the time.