NDIA CMMC Update – Feb. 19, 2025

Â
NDIA CMMC Update: Proposed FAR Rule on Controlled Unclassified Information (CUI)
The government requires federal contractors to protect controlled unclassified information (CUI) in accordance with requirements defined in NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. The Cybersecurity Maturity Model Certification (CMMC) program is designed to ensure contractors fully meet their requirements under NIST SP 800-171 by having third-party assessments certify compliance.