DoD Mandates Cyber Certs: Contractors, Lock Down Your Systems!
Published Date: 9/10/2025
Rule
Summary
The Department of Defense is updating its rules to make sure contractors follow new cybersecurity standards called the Cybersecurity Maturity Model Certification (CMMC). This change affects companies working with the DoD and helps protect important defense information. Contractors should get ready to meet these new rules soon, which could impact how they do business and spend money on cybersecurity.
Analyzed Economic Effects
1 provisions identified: 0 benefits, 1 costs, 0 mixed.
DoD Requires CMMC for Contractors
If your company contracts with the Department of Defense, the DFARS rule now incorporates contractual requirements from the Cybersecurity Maturity Model Certification (CMMC) program. You will need to implement the CMMC cybersecurity standards in DoD contracts, which could change how you do business and may require spending on cybersecurity.
Your PRIA Score
Personalized for You
How does this regulation affect your finances?
Sign up for a PRIA Policy Scan to see your personalized alignment score for this federal register document and every other regulation we track. We analyze your financial profile against policy provisions to show you exactly what matters to your wallet.
Key Dates
Department and Agencies
Take It Personal
Get Your Personalized Policy View
Start a Free Government Policy Watch to see how policy affects your household, then upgrade to PRIA Full Coverage for year-round monitoring.
Already have an account? Sign in