In this post, we're going to delve into a topic that has been creating ripples in the cybersecurity industry, government bodies, and various industries: new state laws concerning cybersecurity.

The landscape is evolving, and businesses of all sizes, as well as individuals, will need to adapt and adopt more stringent cybersecurity measures.

Safeguarding Controlled Unclassified Information (CUI) has recently become a top priority for the Department of Defense. To establish a standardized approach, the White House issued Executive Order (EO) 13556 in November 2010, aiming to effectively manage the safeguarding and dissemination of sensitive information across government agencies.

The Defense Federal Acquisition Regulation Supplement (DFARS) incorporated the Cybersecurity Maturity Model Certification (CMMC) in January 2020, which was updated to CMMC 2.0 in November 2021. This decision impacted over 300,000 members of the defense industrial base (DIB), and many were overwhelmed by the noise surrounding CMMC and its implications for current and future government contracts.