New Cybersecurity Requirements For Defense Contractors Could Mean More Business (If You Comply)
SSE are experts in the new cybersecurity requirements for defense contractors. We offer services and consulting on CMMC and NIST. Call us first.
Request A CMMC Readiness Assessment
New Cybersecurity Requirements For Defense Contractors
Defense contractors need to understand how new cybersecurity requirements rolled out by the Pentagon could make their work more difficult, but also remove some competition from the market.
Cybersecurity Maturity Model Certification (CMMC) requirements were released by the Department of Defense (DoD) Office of the Undersecretary of Defense Acquisition and Sustainment [OUSD(A&S)], and they are having an effect on the industry.
These new requirements are a part of an ongoing effort to continually provide more accurate and more effective insight into modern cybersecurity best practices for organizations involved with DOD operations.
“As companies who are out there compete, either as the contracts, they’re currently working on come up for re-compete or they want to go after new work, they are going to have to show evidence that they’ve been certified by these third-party organizations,” said Elizabeth Niedringhaus, CEO of SSE Inc., to the St. Louis Business Journal.
What Is CMMC?
CMMC is the DOD’s way of certifying its contractors’ abilities to protect the Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) shared within the supply chain.
This builds upon the requirements set out by Defense Federal Acquisition Regulation Supplement (DFARS), Code Of Federal Regulations (CFR) and National Institute of Standards and Technology (NIST) guidelines (namely, 800-171 of the latter).
What Does CMMC Mean For Defense Contractors?
While complying with these new requirements will undoubtedly require a further investment of time and money beyond your standard DFARS compliance efforts, it’s important to note the silver lining – CMMC will likely reduce your competition.
“We’re really looking at the flip side as an opportunity for their business to actually to win more contracts, as there will be those companies that just say, at this point in time, we’re not doing enough business to justify the investment,” said Niedringhaus.
As it becomes more difficult to operate in the defense sector, smaller competitors will likely drop out. Becoming compliant with CMMC will require more resources, and not all current contractors will see the benefit of investing further, especially if they don’t have the capital to do so.
That makes the market less competitive for contractors that do make the effort to become compliant. And that’s not the only benefit — these new requirements aren’t arbitrary. Implementing them will have additional benefits as well, making your company more secure and of greater value to your clients.
“Many of the protocols that are going to be required to continue to do Department of Defense work are likely going to improve a business’s competitive posture for commercial work, as well,” said Dale Ketcham, vice president of government and external relations at Space Florida, to the St. Louis Business Journal.
Need Expert Assistance Implementing CMMC?
Don’t drop out of the defense contracting sector just because it’s become more difficult to stay compliant. Our team is available to help you analyze your current compliance, and improve it to meet new standards set by CMMC. Doing so will make your business more secure, effective, and competitive in the market.
Becoming CMMC compliant with our expert assistance is easy: