CMMC is Now Implemented, Now What? A Primer on What is Happening and What is to Come

No ratings

Presented at BSidesKC 2025 by

Jered Bare

The long-anticipated Cybersecurity Maturity Model Certification (CMMC) 2.0 is no longer just a proposal—it’s officially implemented. Now, defense contractors, subcontractors, and public institutions handling Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) must navigate compliance under a rapidly evolving landscape. But what does this mean in practice? Building from last year's session, this session will break down the immediate impacts of CMMC implementation, what companies are facing right now, and what's coming next as enforcement ramps up.