<img alt="" src="https://secure.badb5refl.com/165368.png" style="display:none;">

2021 CMMC Preparation Study Published

By Cyber Insights Team on April 13, 2021

Get Free Insights

2021 CMMC Preparation Study Published

April 13, 2021 | BY Cyber Insights Team

Report Examines Perspectives, Cost Expectations and Approaches Used by DoD Contractors

During December 2020 and January 2021, Apptega and SecureStrux conducted the
inaugural CMMC Certification Preparation Study.

Individual study participants represented 130 prime contractors and subcontractors in
the U.S. Department of Defense (DoD) Defense Industrial Base (DIB). Participants included
business owners, CIOs, CISOs, and other Heads of IT, Security and Compliance.

Participants provided insights into their CMMC perspectives, current NIST 800-171
compliance status, approach and scope of their CMMC preparation, and cost estimates.
This report examines their feedback and provides correlations that serve as benchmarks to
assist all contractors in the DIB with their plans for CMMC certification.

-->Download the full study: https://www.apptega.com/white-papers/cmmc-prep-study

Key Findings from the Study Include:

  • 81% of the study participants indicated that CMMC is an important initiative needed to protect sensitive information within the DIB. None of the participants indicated that CMMC is not an important initiative.
  • In spite of agreement on the importance of CMMC, nearly one-third of the participants indicated that CMMC will create unnecessary burdens and costs, and compliance with NIST 800-171 is sufficient without CMMC. This perspective varied widely between larger and smaller contractors.
  • Two-thirds of the participants indicated that moving quickly to demonstrate compliance with CMMC will create a competitive advantage for their organization.
  • Nearly 50% of the participants indicated that they expect to see business growth opportunities linked to achieving CMMC readiness and certification.
  • Most contractors are taking a hybrid approach to preparation, utilizing both internal personnel and consulting assistance. Very few are completely dependent on a consultant.
  • Most contractors are including their entire organization in the scope of CMMC preparation and certification. The percentage of smaller contractors taking an all-company approach is higher than average, and most larger contractors are taking a divisional, or enclave approach.
  • Cost expectations vary widely and, not surprisingly, are lower for smaller organizations. Unexpectedly, the projected cost of CMMC preparation and certification is not inversely correlated to the current degree of compliance with NIST 800-171.

-->Download the full study:  https://www.apptega.com/white-papers/cmmc-prep-study

More Resources

NYDFS Levels First NYCRR 500 Penalties | Apptega

The recent NYDFS penalties highlight the need to stay abreast of ever-evolving regulations and compliance mandates. Read on to learn more...

Learn More

Executive Order May Require Breach Reporting to the Federal Government

Biden's new executive order could require software vendors working with the federal government to report cybersecurity breaches. Read on to learn more.

Learn More

Remote Desktop: You're Opening the Floodgates for Hackers

Remote Desktop Protocol allows users to connect to remote systems over the network. Read why this software puts your organization at risk for hackers.

Learn More

Subscribe to Our Cybersecurity Insights