CMMC 2.0 Rulemaking: Decoding the DoD's Submission to OMB for Review
Video
CMMC 2.0 Rulemaking: Understand the DoD’s Recent Submission to OMB for Review
In this video, Danielle Barbour, the Director of Product Marketing for Regulatory Compliance at Kiteworks, discusses the recent development in the Cybersecurity Maturity Model Certification (CMMC) program. The Department of Defense (DoD) has submitted the CMMC plan to the Office of Management and Budget (OMB), marking the formal initiation of the rulemaking process. This submission is more than just an administrative step; it shows the DoD’s commitment to strengthen its cyber defenses.
The OMB will have 90 days to review the CMMC framework, which will shape the final form and implementation of the program. Following the review, the rulemaking process has two potential paths: the Proposed Rule and the Interim Final Rule. Both scenarios offer the public an opportunity to comment.
This development is a significant milestone in the CMMC’s evolution, which was introduced as a unified cybersecurity standard to boost the protection around sensitive defense information. By submitting the plan to the OMB, the DoD is signaling imminent changes in the Defense Industrial Base (DIB), moving toward a future with robust and unified cybersecurity mechanisms that are resilient against evolving threats.
As a result, defense contractors and stakeholders should now prepare themselves. How? Assess their cybersecurity measures, ensure awareness of CMMC requirements, consider collaborations with cybersecurity experts, and stay updated with DoD and OMB developments. The DoD’s submission to the OMB is a crucial step toward a future where the defense sector is well-equipped to handle cyber threats, making it an exciting development in cybersecurity.