The Cybersecurity Maturity Model Certification (CMMC) is a security framework implemented by the US Department of Defense (DoD) to improve protection of the defense industrial base. Like other security frameworks, the CMMC has a collection of controls for processes and practices with the goal of achieving a certain level of cybersecurity maturity. The main purpose of the CMMC is to provide assurance to the DoD that a company holding federal contracts has the appropriate measures in place to safeguard Controlled Unclassified Information (CUI) and Federal Contract Information (FCI), and to account for how that information flows. It’s also a powerful framework that can apply to anyone looking to boost their security posture.
If the University uses Federal funds for research with the Department of Defense, you may want to consider CMMC certification. CAG can help with a pre-assessment to ensure the University passes the certification.