The Defense Department has issued a draft plan for its Cybersecurity Maturity Model Certification program that addresses the highest levels of risks for contractors and relies on security controls developed by the National Institute of Standards and Technology that are still under review. "The CMMC model consists of 17 domains" which are sets of capabilities based on cybersecurity "best practices" for protecting controlled unclassified information, according to the latest CMMC draft issued last week. "The majority of these CMMC domains...
