Dec. 16 is a seminal date in the intricate world of Governance Risk and Compliance (GRC).
The U.S. Department of Defense’s Cybersecurity Maturity Model Certification Program final rule is officially in effect, codifying the CMMC requirements and assessment process.
Enforcement will be carried out throughout a multiphase process beginning in 2025. With the new year just weeks away, focus on CMMC is shifting from important to imperative for many.
“We’ve seen a significant uptick in engagement across the board since the DoD released its final rule in October,” said Bridget Wilson, NetCov’s Senior VP of Governance Risk and Compliance. “From direct outreach to webinars to conferences, the urgency and criticality are abundantly clear.”
One such event that spoke to Wilson’s assessment was CEIC East, the official conference of the Cyber AB, held in late November in National Harbor, Md. With nearly 1,000 attendees on hand, CEIC East showed the balance is shifting among those partaking in CMMC-oriented events.
“There’s definitely been an evolution,” Wilson said. “Early on, the bulk of attendees at these events were those looking to provide CMMC services. As the requirement looms, I think you’ll see the number of attendees seeking CMMC services continue to skyrocket.”
Tim Hallett, NetCov’s Director of Business Development, believes both urgency and uncertainty have kicked things into high gear for those that will be impacted.
“There’s a lot of uncertainty and just so many factors to consider for those that need to be CMMC certified,” Hallett said. “Bridget and the GRC team recognize how vital it is to keep apprised of all developments, leverage our educational resources and immerse ourselves in the CMMC community. We are eager to continue doing so in the weeks and months ahead.”
Among other CMMC-oriented events on tap, NetCov will be participating in the Southwest Regional CMMC Implementation Conference (CIC), which will take place Feb. 19-20 in Dallas, Texas.