Cybersecurity

New Industry Advisory Council to Collect Feedback Regarding CMMC Implementation

The Cybersecurity Maturity Model Certification Accreditation Body has established an industry advisory council to gather feedback from defense contractors regarding the implementation of the CMMC.

In a statement, CMMC-AB Chairman Karlton Johnson said the IAC will provide a unified voice for defense contractors seeking compliance with the Pentagon’s cybersecurity program.

He added that council members will help address cyber readiness challenges in the defense industry base and strengthen CMMC to its maximum potential, FCW reported Tuesday.

The council is expected to provide annual public reports on the feedback and recommendations it collects, Johnson told FCW.

Once operational, Johnson said the council will likely look into the true cost of CMMC compliance.

“The IAC can serve as the central collection mechanism for real implementation, assessment and remediation cost to become certified for large and small businesses alike,” he noted.

GROCYBER co-founder Yong-Gon Chon, who also serves as the CMMC board’s treasurer, will lead the council. He will be joined by 11 other industry members.

Looking ahead, the CMMC-AB plans to occasionally host town hall sessions dedicated to the IAC.

According to Johnson, the public town hall meetings will be held more regularly throughout the year and will address topics focused on the CMMC’s various components.

The DOD started the implementation of CMMC in December, with the goal of fully requiring all contractors within the defense industrial base to achieve compliance by the beginning of fiscal year 2026.

CMMC certifications serve as a prerequisite for renewing or winning contracts with the DOD. The program has five certification levels, ranging from basic to advanced/progressive cyber hygiene practices, that contractors need to comply with depending on the security that a DOD contract calls for.