With the final CMMC rule published, here’s a summary of everything you need to know for your CMMC Level and when. Another step closer. After more than seven years in the making, the US Department of Defense (DoD) finalized a rule establishing the Cybersecurity Maturity Model Certification (CMMC) program and outlining how it will work. The final program rule was published in the Federal Register on 15 October and will go into effect on 16 December.

From power grids and water systems to transport networks and healthcare facilities, critical infrastructure has become a key target for cyber attacks in recent years, such as US utilities suffering a 70% year-on-year increase in cyber attacks this year. The reason for targeting critical infrastructure is clear: they often use outdated software and the attacks have an outsized disruptive impact.

Nowadays, the digital supply chain is both essential and vulnerable. According to Pinsent Masons annual cyber report, supply chain breaches were the most common form of cyber incident in 2023 occuring in one third of cases (up from 5% in 2022). Meanwhile, Gartner predicts that almost half (45%) of global organizations will suffer a digital supply chain attack by 2025. Nowadays, the digital supply chain is both essential and vulnerable.

Zero Trust is no longer a nice-to-have - it’s a must-have. According to Cisco, over 86% of enterprise organizations have started rolling out a Zero Trust framework to protect their business-critical information and ensure regulatory compliance, but only 2% have successfully implemented a mature ZT architecture. Zero Trust is no longer a nice-to-have - it’s a must-have.

There’s no ‘good’ time for a data breach, but accidentally leaking sensitive information during closed periods leads to heavier financial and reputational costs than at other parts of the year. As SAP holds public companies' most sensitive financial and HR data, executives must guarantee the security of thousands of SAP downloads or face non-compliance fines and legal repercussions.

Zero Trust is no longer a nice-to-have - it’s a must-have. According to Cisco, over 86% of enterprise organizations have started rolling out a Zero Trust framework to protect their business-critical information and ensure regulatory compliance, but only 2% have successfully implemented a mature ZT architecture. Zero Trust is no longer a nice-to-have - it’s a must-have.

An Economist article published in June 2024 claimed that China is actively targeting US SMEs for long-term sabotage and for financial gain through sustained IP theft. With China using previously undetected methods of ‘cyber warfare’, it’s increasingly important that US companies adopt Zero Trust protection for their most valuable IP data.

As the curtains close for year 2023, the financial impact of cyberattacks on the global economy is predicted to reach $10.5 trillion. It is imperative for IT managers to be aware of the evolving landscape. Let’s see what will shape the cybersecurity arena in the coming year. From a data-centric perspective, we have identified 7 trends that will be important for data security.

The manufacturing industry has undergone a huge digital transformation in recent years. While these changes have increased productivity, the industry has also experienced new pressures from cybersecurity. In 2022, the industry has been vulnerable to 250 data violation incidents in the United States alone costing nearly 23.9 million USD. More and more industries are finding their intellectual property (IP) at risk as threat actors become more sophisticated.

The Cybersecurity Maturity Model Certification (CMMC) program is aligned to DoD’s information security requirements for Defense Industrial Base (DIB) partners. It is designed to enforce protection of CUI (Controlled Unclassified Information) shared by the Department with its contractors and subcontractors.