If you’ve not heard, the Department of Defense is implementing new cybersecurity measures. For some R&D small businesses, your future customer may be the federal government and knowing your cybersecurity requirements may be a key difference in beating your competitor to this market. CMMC requirements may be introduced, gradually starting September 2020.
Recent webinars hosted by the Defense Alliance and others indicate that these new CMMC (cybersecurity maturity model certification) measures aren’t going to be limited to just the Department of Defense (DoD). DoD may be on the leading edge of measures that will be adopted across all funding agencies. Like car insurance or ISO standards, CMMC is predicted to be the new common language for cybersecurity. Understanding these requirements now may become critical for future funding through programs like SBIR. Here are a few resources to help you become familiar.
- CMMC Guidelines via the DoD: https://www.acq.osd.mil/cmmc/
- New CMMC accrediting body: https://www.cmmcab.org/
Practically, the new guidelines are intended to standardize existing requirements to make it easier for small businesses to be compliant. There are five, cumulative levels. In a recent Defense Alliance webinar, guests noted CMMC certification can run up to $3000 (including audits) and is considered an allowable cost. Here are local and DoD sponsored support programs to help you understand and meet the new CMMC requirements.
- The Defense Alliance April 17 webinar
- Wisconsin Procurement Institute (WPI)
- Maryland Innovation & Security Institute DreamPort
- Project Spectrum supported by DoD office of Small Business programs
Did you miss the recent CTC quick chat on Navigating DoD Opportunities for Innovation & Small Businesses? No worries, watch this and other CTC quick chats here.
To get connected to additional small business innovation resources, please contact the Center for Technology Commercialization for free consultation and support to access non-dilutive federal and state funding.