Here's a brief overview of the CMMC timeline:
*January 2020, CMMC-AB officially launched
*Summer of 2020, Certification and Registrations applications accepted
*Fall/winter of 2020, Certified Publishers and Trainers chosen
*Winter of 2020, training for Assessors and Professional start
*Summer/Fall of 2021, first commercial CMMC certifications available
*Summer 2021, the first RFP is coming out that will affect 1,500 vendors
*2022, larger percentage of CMMC contracts coming out
*End of 2025, all DoD contractors must be certified
As a Federal Contractor, you must show a culture of cybersecurity. You cannot implement cybersecurity tools and practices one week and then the following week, have an assessor come in and look at your records and see that you just started doing it. The CMMC AB will ensure you have a culture where everybody in your organization understands the importance of cybersecurity.
CMMC is the best opportunity for you to go to the front of the line for DoD contracts. Any contractor who is not certified is not even allowed to bid on the DoD contracts. Other federal agencies will also be requiring CMMC in the near future.
Getting your pre-assessment, applying any remediations and/or closing any vulnerability gaps in your system and being on the path to be certified by the CMMC assessors will put you way ahead of the pack and it will give you the best opportunity to increase your profitability in the government space.