The DOD launched DFARS — the Defense Federal Acquisition Regulations System — in 2015 to help ensure that its contractors took the measures needed to protect sensitive data from cybersecurity attacks.
Even with CMMC 2.0 looming in the near future, DFARS is still relevant.
What’s the difference between DFARS and CMMC?
Between 2019 and 2021, the DOD released and subsequently revised CMMC to augment and eventually replace DFARS. There are similarities and differences.
- Both created to protect CUI/other sensitive data
- Both align with NIST 800-171 controls
- DFARS allows self-assessment; CMMC 2.0 requires third party
- DFARS is not tiered; CMMC defines 3 compliance levels
Every solution begins with a conversation.
Contact us today for a no-obligation discussion of CMMC 2.0 compliance, what's required, what you may need and what we can do to provide it. We've helped hundreds of DOD contractors. We can help you.