Node A6 · Acronym decoder
CMMC
Cybersecurity Maturity Model Certification
What it actually means
The DoD's certification regime verifying that defense contractors actually implement the cybersecurity controls (largely NIST SP 800-171) required to handle controlled unclassified information. Unlike the prior self-attestation regime, higher levels require third-party assessment — making it a compliance gate for winning and keeping defense contracts.
Where you'll meet it
Defense industrial base compliance planning and contract eligibility requirements.