The Cybersecurity Maturity Model Certification (CMMC) - A pocket guide

  • 2h 14m 1s
  • William Gamble
  • IT Governance
  • 2022

A clear, concise primer on the CMMC

The United States DoD (Department of Defense) is one of the largest employers in the world, with about 2.87 million employees. It spends more than €5.9 billion a year across more than 350,000 contractors and subcontractors throughout its supply chain.

Information in the DoD network is shared digitally across the contractor and subcontractor supply chain, offering an irresistible target for nation-states and cyber criminals.

Protecting the DoD supply chain

The CMMC was developed to step up measures for protecting the DoD supply chain. Its objectives are to standardise cyber security controls and ensure that effective measures are in place to protect CUI (Controlled Unclassified Information) on contractor systems and networks.

All companies doing business with the DoD, including subcontractors, must become certified by an independent third-party commercial certification organisation.

Your essential guide to understanding the CMMC

To help you get to grips with the CMMC, this essential pocket guide covers:

  • What the CMMC is and why it has been introduced;
  • Who needs to comply with the CMMC;
  • The implementation process;
  • The road to certification; and
  • CMMC implications for firms doing business with the US government.

Suitable for senior management and the C-suite, general or legal counsel, IT executives, IT organisations, and IT and security students, this pocket guide will give you a solid introduction to the CMMC and its requirements.

About the Author

William Gamble is an international cyber security and privacy compliance expert. He is one of the few lawyers to hold advanced cyber security professional qualifications, and has an in-depth understanding of the design, management and deployment of technology within the ISO 27001 framework.

With more than 30 years’ experience of international regulatory practice in the US, EU, China and other countries, William has had hundreds of articles published globally, written three books, and appeared on numerous radio and television programmes around the world.

William is a member of the Florida Bar and several federal courts. His qualifications include Juris Doctor (JD), Master of Laws (LLM), CompTIA® A+, Network+, Security+, CASP (Advanced Security Practitioner), ISO 27001 Lead Auditor and Lead Implementer, and GDPR Practitioner (GDPR P).

In this Audiobook

  • Chapter 1 - An introduction to the US Department of Defense digital supply chain
  • Chapter 2 - Terms and definitions
  • Chapter 3 - Who needs to comply with the CMMC?
  • Chapter 4 - CMMC implementation
  • Chapter 5 - The road to certification
  • Chapter 6 - CMMC implications
  • Further reading

