DoD Seeking Feedback on CMMC
The following message was recently shared by our friends at the Small Business Technology Council (SBTC), and we hope contractors will share their feedback with DoD:
After years of public comment and delays, the DOD has issued a final rule on Cybersecurity Maturity Model Certification (CMMC) requirements for companies doing business with the DOD. These requirements will begin appearing in DOD contracts on November 10, 2025. Follow the link below to review the final rule in the Federal Register:
With 2 weeks to go before these new requirements are inserted into contracts, the DOD Office of Small Business Programs (OSBP) has put out a survey seeking input from small businesses to better understand how companies are preparing for the implementation of CMMC requirements. This short, anonymous survey is intended to help DOD OSBP tailor its support, resources, and guidance to better meet small business needs during the transition.
If you have concerns or feedback you would like to make regarding the implementation of new CMMC requirements at the DOD, we encourage you to fill out this survey and share your thoughts with DOD OSBP: