October Newsletter
CMMC is Now Official
Department of Defense (DoD) published its final Cybersecurity Maturity Model Certification (CMMC) rule in the Federal Register, which takes effect on November 10, 2025 – officially launching a three-year rollout of cybersecurity requirements across DoD contracts.
Timeline:
Phase 1 begins November 10, 2025
Contracting officers will include CMMC Level 1 and 2 in new contracts
Companies must self-assess and submit scores in the Supplier Performance Risk System (SPRS) system
CMMC will eventually be mandatory after the 3-year phase-in
Read more here
For free CMMC support, visit Project Spectrum