Microsoft has recently announced how it would be improving its compliance to the Cybersecurity Maturity Model Certification (CMMC) to ensure better digital defense when it comes to cybersecurity. The company has released an official post about the implications of its planned actions.

Microsoft is Increasing Its Efforts to Comply with the Cybersecurity Maturity Model Certification

According to the story by Microsoft, John Sherman, the Chief Information Officer of the US Department of Defence (DOD), recently gave a statement regarding how the CMMC was necessary when it came to ensuring the best for the US. This comes as the CMMC ensures that the country raises the bar when it comes to sensitive information protection.

The DOD is reportedly leading by example when it comes to implementing what was described as its Zero Trust practices. This comes as it also starts to introduce CMMC in order to strengthen what was described as the "supply chain throughout the Defense Industrial Base (DIB)."

This was because shared information was reportedly only as strong as its weakest link. It was noted that the DIB as a whole is already trying to work toward improving its security posture but there can be many challenges when it comes to preparing the needed full third-party audit.

The Importance of Small and Medium-Sized Businesses to Improve Their Security Measures

It was noted that this was especially true when it came to small and medium-sized businesses (SMBs). Although there are a few DIB organizations that could be well-positioned when it comes to being a Third-Party Assessment Organization (3PAO) audit, it was noted that the DIB still played an important role.

The DIB organizations still needs to ensure that they achieve CMMC compliance when it comes to realizing the objective. So far, Microsoft is introducing new capabilities when it comes to two of its products that relate to the matter.

Microsoft added new capabilities to its Microsoft Purview and Microsoft Entra ID, that would not only support compliance to the CMMC, but will also help accelerate other security fields. This includes accelerating their Zero Trust journeys.

Read Also: North Korean Hackers Behind JumpCloud Breach, Says Security Experts

Microsoft Signed Up for a CMMC Voluntary Assessment Effort

The company also highlighted identity and data protection, which they note are very important when it comes to compliance, security, and even helping more users when it comes to productivity and collaboration. This comes despite the CMMC 2.0 still being in its early stages.

It was noted that despite that, DIB companies should still move forward with being able to meet the CMMC requirements in place, including undergoing voluntary assessments. This would help the majority when it comes to improving national security while also allowing companies to pose themselves and get them ready for potential DOD compliance in the future.

The National Cybersecurity Strategy also noted that those that were capable of doing more should, in fact, do so. With this, Microsoft decided to take on the challenge by signing up for a CMMC voluntary assessment effort, where it scored 110 points, considered a perfect score.

Related Article: Fallout from U.S. Military's Trinity Test, Other Nuclear Projects Shows it Affected 46 States