Many small organizations within the Defense Industrial Base (DIB) are struggling to meet the rigorous requirements validated through the Cybersecurity Maturity Model Certification (CMMC). If you haven’t been tracking it closely, CMMC was finalized as a rule in October 2024, with an effective date of December 16, 2024.
About the author
Thomas Graham is the vice president and chief information security officer at Redspin, a Cybersecurity Maturity Model Certification service provider. He is a recognized expert in CMMC and holds multiple certifications, including Certified Assessor and CMMC Certified Professional. With a doctorate in Information Assurance and Security from Capella University, he oversees internal security matters at Redspin.
