New Cyber Maturity Model Certification (CMMC) Guidance Released (Government Contractors)

https://www.federalregister.gov/documents/2025/09/10/###-###-#### /defense-federal-acquisition-regulation-supplement-assessing-contractor-implementation-of#p-amd-2 Been watching this for many years, but the need to tighten up the cyber security situation of the defense industrial base is long overdue. New guidance published did delay the need to get audited immediately which has to be a bit of a relief to any Govcon sellers out there. One thing is for sure whether you're a buyer or a seller of a entity that is a member of the Defense Industrial Base or other Government Contractor/Supplier relationship, you're going to need to factor in some amount of money for cyber security equipment, software, staff and ongoing compliance paperwork to prove it. I'm seeing estimates around $40,000 initial project cost to get "inspection ready" with a 3rd party audits in the $50,000-60,000 range right now.