CMMC – Why was it created?

Researchers working in a lab with Controlled Unclassified Information image

The theft of intellectual property and sensitive information due to malicious cyber activity threatens economic security and national security. As part of multiple efforts focused on enhancing the security and resiliency of the Defense Industrial Base, the U. S. Department of Defense (DOD) created CMMC to assess and enhance the cybersecurity posture of contractors who serve the DOD.

The certification creates a mechanism that helps the DOD assess and verify contractor compliance with cybersecurity practices, controls, and processes, that are aimed to protect certain unclassified information that may be in the possession of those contractors, or which resides on or is transmitted through contractor information systems.

Back to CMMC at WUSTL and Security of Controlled Unclassified Information (CUI) in Sponsored Research