{"id":32902,"date":"2022-01-18T08:30:56","date_gmt":"2022-01-18T14:30:56","guid":{"rendered":"https:\/\/www.filecloud.com\/blog\/?p=32902"},"modified":"2022-01-18T08:50:39","modified_gmt":"2022-01-18T14:50:39","slug":"changes-coming-to-cmmc-in-2022-with-cmmc-2-0","status":"publish","type":"post","link":"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/","title":{"rendered":"Changes Coming to CMMC in 2022 with CMMC 2.0"},"content":{"rendered":"<p><img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-large wp-image-32908\" src=\"https:\/\/www.filecloud.com\/blog\/wp-content\/uploads\/2022\/01\/CMMC-2.0-Banner_Page_1-1024x576.png\" alt=\"CMMC 2.0 - What to expect\" width=\"1024\" height=\"576\" srcset=\"https:\/\/www.filecloud.com\/blog\/wp-content\/uploads\/2022\/01\/CMMC-2.0-Banner_Page_1-1024x576.png 1024w, https:\/\/www.filecloud.com\/blog\/wp-content\/uploads\/2022\/01\/CMMC-2.0-Banner_Page_1-300x169.png 300w, https:\/\/www.filecloud.com\/blog\/wp-content\/uploads\/2022\/01\/CMMC-2.0-Banner_Page_1-768x432.png 768w, https:\/\/www.filecloud.com\/blog\/wp-content\/uploads\/2022\/01\/CMMC-2.0-Banner_Page_1-1536x864.png 1536w, https:\/\/www.filecloud.com\/blog\/wp-content\/uploads\/2022\/01\/CMMC-2.0-Banner_Page_1-2048x1152.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\"><\/p>\n<p class=\"p1\">The U.S. Department of Defense (DoD) published an\u00a0<a href=\"https:\/\/www.federalregister.gov\/documents\/2021\/11\/17\/2021-24880\/cybersecurity-maturity-model-certification-cmmc-20-updates-and-way-forward\"><span class=\"s1\">Advance Notice of Proposed Rulemaking<\/span><\/a>\u00a0(ANPRM) on November 17, 2021 which previewed significant changes to its Cybersecurity Model Certification (CMMC). The changes will take effect in 9 to 24 months from November.<\/p>\n<p class=\"p1\">CMMC 2.0 represents DoD\u2019s response after an internal review prompted by over 850 public comments to the September 2020 \u201cCMMC 1.0\u201d interim rule. While changes are in progress, the DoD\u00a0will not include CMMC requirements in its solicitations.\u00a0Contractors are advised to continue to follow the current cybersecurity \u201cassessments framework,\u201d which focuses on compliance with National Institute of Standards and Technology\u2019s (NIST) Special Publication (SP) 800-171 controls and the Basic Assessments required.<\/p>\n<p class=\"p1\">The revised program structure and requirements were created to meet the goals of the internal review.<\/p>\n<ul class=\"ul1\">\n<li class=\"li1\">Encourage accountability while minimizing barriers to DoD compliance<\/li>\n<li class=\"li1\">Protect sensitive information to protect and enable warfighters<\/li>\n<li class=\"li1\">Establish high professional and ethical standards to maintain public trust<\/li>\n<li class=\"li1\">Contribute to a collaborative culture of cybersecurity and cyber resilience<\/li>\n<li class=\"li1\">Enhance DIB cybersecurity to meet changing threats<\/li>\n<\/ul>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_63 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title \" >Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/#What_is_the_CMMC_program\" title=\"What is the CMMC program?\">What is the CMMC program?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/#Overview_of_CMMC_20\" title=\"Overview of CMMC 2.0\">Overview of CMMC 2.0<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/#Improvements_to_the_CMMC_model_include\" title=\"Improvements to the CMMC model include:\">Improvements to the CMMC model include:<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/#New_CMMC_20_Controls_and_Requirements\" title=\"New CMMC 2.0 Controls and Requirements\">New CMMC 2.0 Controls and Requirements<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/#CMMC_20_Level_1_%E2%80%93_%E2%80%9CFoundational%E2%80%9C\" title=\"CMMC 2.0 Level 1 \u2013 \u201cFoundational\u201c\">CMMC 2.0 Level 1 \u2013 \u201cFoundational\u201c<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/#CMMC_20_Level_2_%E2%80%93_%E2%80%9CAdvanced%E2%80%9D\" title=\"CMMC 2.0 Level 2 \u2013 \u201cAdvanced\u201d\">CMMC 2.0 Level 2 \u2013 \u201cAdvanced\u201d<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/#CMMC_20_Level_3_%E2%80%93_%E2%80%9CExpert%E2%80%9D\" title=\"CMMC 2.0 Level 3 \u2013 \u201cExpert\u201d\">CMMC 2.0 Level 3 \u2013 \u201cExpert\u201d<\/a><\/li><\/ul><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/#How_to_Prepare_for_CMMC_20\" title=\"How to Prepare for CMMC 2.0\">How to Prepare for CMMC 2.0<\/a><\/li><\/ul><\/nav><\/div>\n<h2 class=\"p3\"><span class=\"ez-toc-section\" id=\"What_is_the_CMMC_program\"><\/span>What is the CMMC program?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p class=\"p1\">The Cybersecurity Maturity Model Certification\u00a0(CMMC) program\u00a0protects sensitive, unclassified information shared by the Department with contractors and subcontractors by enhancing the cyber protection standards of companies.\u00a0It\u00a0integrates requirements into acquisition plans and gives the DoD greater confidence that subcontractors and contractors are in compliance. The three key features of the framework are:<\/p>\n<ul class=\"ul1\">\n<li class=\"li1\"><b>Tiered Model: <\/b>Companies with access\u00a0to national security information must practice cybersecurity standards at progressively higher levels depending on the nature and sensitivity of the data.\u00a0There is also a proper process for how\u00a0information should flow down to subcontractors.<\/li>\n<li class=\"li1\"><b>Assessment Requirement: <\/b>CMMC assessments enable the Department to verify compliance with cybersecurity standards.<\/li>\n<li class=\"li1\"><b>Implementation via Contracts: <\/b>Certain DoD contractors who handle sensitive, unclassified DoD data will need to attain a specific CMMC level in order to be eligible for contract awards after full implementation of the program.<\/li>\n<\/ul>\n<h2 class=\"p3\"><span class=\"ez-toc-section\" id=\"Overview_of_CMMC_20\"><\/span>Overview of CMMC 2.0<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p class=\"p1\">CMMC 2.0 will replace CMMC 1.0\u2019s five-level model with three levels of progressively increasing cybersecurity requirements. Each level is keyed to independent standards (e.g. Federal Acquisition Regulation (FAR), NIST requirements).\u00a0The new model also increases third party assessor oversight and eliminates CMMC-unique practices and \u201cmaturity\u201d requirements.<\/p>\n<h3 class=\"p1\"><span class=\"ez-toc-section\" id=\"Improvements_to_the_CMMC_model_include\"><\/span>Improvements to the CMMC model include:<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p1\"><strong>More Speed and Flexibility<\/strong> \u2013 Allows waivers of CMMC requirements and lets companies create Plans of Action &amp; Milestones to obtain certification under certain circumstances.<\/p>\n<p class=\"p1\"><strong>Less Expensive<\/strong> \u2013 Allows all Level 1 (Foundational) and a subset at Level 2 (Advanced), to show compliance through self-assessments.<\/p>\n<p class=\"p1\"><strong>Streamlined Requirements<\/strong> \u2013 CMMC 2.0 focuses on the most critical requirements, reducing the model from 5 to 3 compliance levels.<\/p>\n<p class=\"p1\"><strong>Use of Widely Accepted Standards<\/strong> \u2013 The model now uses National Institute of Standards and Technology\u2019s (NIST) cybersecurity standards and removes CMMC-unique practices.<\/p>\n<p class=\"p1\"><strong>More Accountability<\/strong> \u2013<span class=\"Apple-converted-space\">\u00a0 <\/span>Increases oversight of professional and ethical standards of third-party assessors.<\/p>\n<h2 class=\"p3\"><span class=\"ez-toc-section\" id=\"New_CMMC_20_Controls_and_Requirements\"><\/span><b>New CMMC 2.0 Controls and Requirements<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p class=\"p1\">These are the new requirements for tiered entry in the three-level model:<\/p>\n<h4 class=\"p1\"><span class=\"ez-toc-section\" id=\"CMMC_20_Level_1_%E2%80%93_%E2%80%9CFoundational%E2%80%9C\"><\/span><i>CMMC 2.0 Level 1 \u2013 \u201cFoundational<\/i>\u201c<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p class=\"p1\">Level 1 must match the same 15 controls as\u00a0<a href=\"https:\/\/www.acquisition.gov\/far\/52.204-21-0\"><span class=\"s1\">FAR52.204-21<\/span><\/a>\u00a0\u201cbasic\u201d controls to protect Federal Contract Information.\u00a0There are annual certifications and self-assessments by company leadership. This is essentially the same as the previous model.<\/p>\n<h4 class=\"p1\"><span class=\"ez-toc-section\" id=\"CMMC_20_Level_2_%E2%80%93_%E2%80%9CAdvanced%E2%80%9D\"><\/span><i>CMMC 2.0 Level 2 \u2013 \u201cAdvanced\u201d<\/i><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p class=\"p1\">CMMC 2.0 Level 2 is based upon the old CMMC 1.0 Level 3. However, the new Level 2 CMMC control lowers the number of required controls to 110 controls in the\u00a0<a href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-171\/rev-2\/final\"><span class=\"s1\">SP 800-171<\/span><\/a>\u00a0Revision.\u00a02 (NIST SP 800171). This eliminates 20 additional CMMC 1.0 Level 3 controls.<\/p>\n<p class=\"p1\">There will be a division between \u201cprioritized\u201d and \u201cnonprioritized\u201d acquisitions based on the sensitivity of information involved.\u00a0An example of a prioritized acquisition might be one that includes Controlled Unclassified Information (CUI) related to weapons systems. A nonprioritized acquisition might include CUI regarding military uniforms. Details about prioritization will be released in future rulemakings.<\/p>\n<p class=\"p1\">Prioritized acquisitions will need an independent third party assessment (C3PAO) every three years. Nonprioritized acquisitions only require an annual self-assessment and certification.<\/p>\n<h4 class=\"p1\"><span class=\"ez-toc-section\" id=\"CMMC_20_Level_3_%E2%80%93_%E2%80%9CExpert%E2%80%9D\"><\/span><i>CMMC 2.0 Level 3 \u2013 \u201cExpert\u201d<\/i><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p class=\"p1\">Level 3 of CMMC 2.0 will replace Levels 4 and 5 in CMMC 1.0.<\/p>\n<p class=\"p1\">Most importantly, acquisitions at the new Level 3 \u201cExpert\u201d level will require triennial\u00a0<b>government-led\u00a0<\/b>assessments.\u00a0In addition to the 110 controls that are required for the new Level 2 certification, Level 3 certification will require compliance with\u00a0<a href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-172\/final\"><span class=\"s1\">NIST\u2019s SP 800-172<\/span><\/a>.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"How_to_Prepare_for_CMMC_20\"><\/span>How to Prepare for CMMC 2.0<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Cyberattacks on the Defense Industrial Base (DIB), are becoming more frequent and more complex.\u00a0Therefore, cybersecurity is a priority for the Department of Defense.\u00a0The DoD created the CMMC program in order to protect American ingenuity as well as national security information. Its purpose is to improve DIB cybersecurity to better meet evolving threats and safeguard the information that supports and enables warfighters.<\/p>\n<p><span data-id=\"5\">The DoD encourages contractors to improve their cybersecurity posture during this transition.<\/span>\u00a0<span data-id=\"6\">To assist DIB companies in assessing their cybersecurity readiness and implementing sound cybersecurity practices, the Department created\u00a0<a href=\"https:\/\/www.projectspectrum.io\/\">Project Spectrum<\/a>.<\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"1\"><span data-id=\"9\">As rulemaking is underway, the Department plans to suspend current CMMC efforts and will not approve CMMC requirements being included in DoD solicitations.<\/span><\/span><\/p>\n<p><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"2\">Once the rules become effective, companies will have to comply, and the rules<\/span><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"3\">\u00a0will be open for public comment. T<\/span><span class=\"wordai-block rewrite-block enable-highlight\" data-id=\"7\">he DoD says it will seek out opportunities to engage stakeholders as it moves towards full implementation as participation by stakeholders is crucial to achieving the goals of the CMMC program.\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The U.S. Department of Defense (DoD) published an\u00a0Advance Notice of Proposed Rulemaking\u00a0(ANPRM) on November 17, 2021 which previewed significant changes to its Cybersecurity Model Certification (CMMC). The changes will take effect in 9 to 24 months from November. CMMC 2.0 represents DoD\u2019s response after an internal review prompted by over 850 public comments to the [&hellip;]<\/p>\n","protected":false},"author":20,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v20.13 (Yoast SEO v20.13) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Changes Coming to CMMC in 2022 with CMMC 2.0 - FileCloud blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Changes Coming to CMMC in 2022 with CMMC 2.0\" \/>\n<meta property=\"og:description\" content=\"The U.S. Department of Defense (DoD) published an\u00a0Advance Notice of Proposed Rulemaking\u00a0(ANPRM) on November 17, 2021 which previewed significant changes to its Cybersecurity Model Certification (CMMC). The changes will take effect in 9 to 24 months from November. CMMC 2.0 represents DoD\u2019s response after an internal review prompted by over 850 public comments to the [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/\" \/>\n<meta property=\"og:site_name\" content=\"FileCloud blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/tonidopage\" \/>\n<meta property=\"article:published_time\" content=\"2022-01-18T14:30:56+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-01-18T14:50:39+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.filecloud.com\/blog\/wp-content\/uploads\/2022\/01\/CMMC-2.0-Banner_Page_1-1024x576.png\" \/>\n<meta name=\"author\" content=\"esther cheng\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@getfilecloud\" \/>\n<meta name=\"twitter:site\" content=\"@getfilecloud\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"esther cheng\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/\"},\"author\":{\"name\":\"esther cheng\",\"@id\":\"https:\/\/www.filecloud.com\/blog\/#\/schema\/person\/16ec1253132b6a54486e23f5b8322d79\"},\"headline\":\"Changes Coming to CMMC in 2022 with CMMC 2.0\",\"datePublished\":\"2022-01-18T14:30:56+00:00\",\"dateModified\":\"2022-01-18T14:50:39+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/\"},\"wordCount\":863,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.filecloud.com\/blog\/#organization\"},\"articleSection\":[\"Enterprise File Sharing\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/\",\"url\":\"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/\",\"name\":\"Changes Coming to CMMC in 2022 with CMMC 2.0 - FileCloud blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.filecloud.com\/blog\/#website\"},\"datePublished\":\"2022-01-18T14:30:56+00:00\",\"dateModified\":\"2022-01-18T14:50:39+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.filecloud.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Changes Coming to CMMC in 2022 with CMMC 2.0\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.filecloud.com\/blog\/#website\",\"url\":\"https:\/\/www.filecloud.com\/blog\/\",\"name\":\"FileCloud blog\",\"description\":\"Topics on Private cloud, On-Premises, Self-Hosted, Enterprise File Sync and Sharing\",\"publisher\":{\"@id\":\"https:\/\/www.filecloud.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.filecloud.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.filecloud.com\/blog\/#organization\",\"name\":\"FileCloud\",\"url\":\"https:\/\/www.filecloud.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.filecloud.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.filecloud.com\/blog\/wp-content\/uploads\/2016\/02\/filecloud_logo_comparison.jpg\",\"contentUrl\":\"https:\/\/www.filecloud.com\/blog\/wp-content\/uploads\/2016\/02\/filecloud_logo_comparison.jpg\",\"width\":155,\"height\":40,\"caption\":\"FileCloud\"},\"image\":{\"@id\":\"https:\/\/www.filecloud.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/tonidopage\",\"https:\/\/twitter.com\/getfilecloud\",\"https:\/\/www.linkedin.com\/company\/codelathe\",\"https:\/\/www.pinterest.com\/filecloud\/filecloud\/\",\"https:\/\/www.youtube.com\/channel\/UCbU5gTFdNCPESA5aGipFW6g\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.filecloud.com\/blog\/#\/schema\/person\/16ec1253132b6a54486e23f5b8322d79\",\"name\":\"esther cheng\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.filecloud.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/ea3b9ff8349c4929f9c0a484c3d7a5b9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/ea3b9ff8349c4929f9c0a484c3d7a5b9?s=96&d=mm&r=g\",\"caption\":\"esther cheng\"},\"url\":\"https:\/\/www.filecloud.com\/blog\/author\/esther\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Changes Coming to CMMC in 2022 with CMMC 2.0 - FileCloud blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/","og_locale":"en_US","og_type":"article","og_title":"Changes Coming to CMMC in 2022 with CMMC 2.0","og_description":"The U.S. Department of Defense (DoD) published an\u00a0Advance Notice of Proposed Rulemaking\u00a0(ANPRM) on November 17, 2021 which previewed significant changes to its Cybersecurity Model Certification (CMMC). The changes will take effect in 9 to 24 months from November. CMMC 2.0 represents DoD\u2019s response after an internal review prompted by over 850 public comments to the [&hellip;]","og_url":"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/","og_site_name":"FileCloud blog","article_publisher":"https:\/\/www.facebook.com\/tonidopage","article_published_time":"2022-01-18T14:30:56+00:00","article_modified_time":"2022-01-18T14:50:39+00:00","og_image":[{"url":"https:\/\/www.filecloud.com\/blog\/wp-content\/uploads\/2022\/01\/CMMC-2.0-Banner_Page_1-1024x576.png"}],"author":"esther cheng","twitter_card":"summary_large_image","twitter_creator":"@getfilecloud","twitter_site":"@getfilecloud","twitter_misc":{"Written by":"esther cheng","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/#article","isPartOf":{"@id":"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/"},"author":{"name":"esther cheng","@id":"https:\/\/www.filecloud.com\/blog\/#\/schema\/person\/16ec1253132b6a54486e23f5b8322d79"},"headline":"Changes Coming to CMMC in 2022 with CMMC 2.0","datePublished":"2022-01-18T14:30:56+00:00","dateModified":"2022-01-18T14:50:39+00:00","mainEntityOfPage":{"@id":"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/"},"wordCount":863,"commentCount":0,"publisher":{"@id":"https:\/\/www.filecloud.com\/blog\/#organization"},"articleSection":["Enterprise File Sharing"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/","url":"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/","name":"Changes Coming to CMMC in 2022 with CMMC 2.0 - FileCloud blog","isPartOf":{"@id":"https:\/\/www.filecloud.com\/blog\/#website"},"datePublished":"2022-01-18T14:30:56+00:00","dateModified":"2022-01-18T14:50:39+00:00","breadcrumb":{"@id":"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.filecloud.com\/blog\/changes-coming-to-cmmc-in-2022-with-cmmc-2-0\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.filecloud.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Changes Coming to CMMC in 2022 with CMMC 2.0"}]},{"@type":"WebSite","@id":"https:\/\/www.filecloud.com\/blog\/#website","url":"https:\/\/www.filecloud.com\/blog\/","name":"FileCloud blog","description":"Topics on Private cloud, On-Premises, Self-Hosted, Enterprise File Sync and Sharing","publisher":{"@id":"https:\/\/www.filecloud.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.filecloud.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.filecloud.com\/blog\/#organization","name":"FileCloud","url":"https:\/\/www.filecloud.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.filecloud.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.filecloud.com\/blog\/wp-content\/uploads\/2016\/02\/filecloud_logo_comparison.jpg","contentUrl":"https:\/\/www.filecloud.com\/blog\/wp-content\/uploads\/2016\/02\/filecloud_logo_comparison.jpg","width":155,"height":40,"caption":"FileCloud"},"image":{"@id":"https:\/\/www.filecloud.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/tonidopage","https:\/\/twitter.com\/getfilecloud","https:\/\/www.linkedin.com\/company\/codelathe","https:\/\/www.pinterest.com\/filecloud\/filecloud\/","https:\/\/www.youtube.com\/channel\/UCbU5gTFdNCPESA5aGipFW6g"]},{"@type":"Person","@id":"https:\/\/www.filecloud.com\/blog\/#\/schema\/person\/16ec1253132b6a54486e23f5b8322d79","name":"esther cheng","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.filecloud.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/ea3b9ff8349c4929f9c0a484c3d7a5b9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ea3b9ff8349c4929f9c0a484c3d7a5b9?s=96&d=mm&r=g","caption":"esther cheng"},"url":"https:\/\/www.filecloud.com\/blog\/author\/esther\/"}]}},"_links":{"self":[{"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/posts\/32902"}],"collection":[{"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/comments?post=32902"}],"version-history":[{"count":7,"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/posts\/32902\/revisions"}],"predecessor-version":[{"id":32911,"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/posts\/32902\/revisions\/32911"}],"wp:attachment":[{"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/media?parent=32902"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/categories?post=32902"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/tags?post=32902"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}