New DOD Cybersecurity Regulations Could Adversely Impact Small Contractors

Industry News

January 16, 2020

New DOD Cybersecurity Regulations Could Adversely Impact Small Contractors

Small Department of Defense contractors are expected to be hardest hit by new cybersecurity standards that the Pentagon plans to release at the end of January.

About 300,000 contractors will be subject to cyber auditing and certification under the DOD’s Cybersecurity Maturity Model Certification (CMMC). While many large contractors have instituted cybersecurity protections, experts report that many medium and small-size firms are unprepared.

“This can be a burden to small companies, particularly,” Pentagon Acquisition Chief Ellen Lord told Bloomberg Law. “So we have been working with the primes, with the industry associations, with the mid-tiers, with the small companies on how we can most effectively roll this out so it doesn’t cause an enormous cost penalty for the industrial base.

Click here to read the Bloomberg Law article on the potential impact of the CMMC.

All comments to blog posts will be moderated by ACEC staff.