DoD Cybersecurity Compliance Frequently Asked Questions

If the latest cybersecurity requirements for defense contractors have left you with more questions than answers, you're not alone. In fact, we've taken the top searched questions and answered them all for you in our new DoD Cybersecurity Compliance FAQ.
2021 DoD Cybersecurity Compliance FAQ_Page_01


Answered by the Experts!

We've gone to the experts like Department of Defense, CISO A&S, Katie Arrington, John Ellis, Director of the Software Division at DCMA, Ben Tchoubineh, former Training Committee chair of the CMMC-AB Board of Directors, and many more from FireEye, Microsoft, and others to answer your burning cybersecurity compliance questions.

Always the latest information with new versions every quarter.
Answers taken from government and industry leaders.
Questions submitted by defense contractors like you.

What's Covered?

CMMC Questions

  • What are the CMMC Levels and the requirements for each?
  • What happens if you fail the CMMC assessment?
  • How can I prepare for a CMMC assessment?

NIST 800-171 Questions

  • Does NIST 800-171 require encryption at rest?
  • Who needs to comply with NIST 800-171?
  • When is NIST 800-171 required?

Software Questions

  • Is Microsoft coming up with automatic scoring based on the use of MS G5?
  • What is the government doing for small businesses to prevent another SolarWinds attack?

General Compliance

  • When should companies planning to achieve CMMC Level 3 / Level 4 expect to be able to formally assessed/scored?
  • What are the first 3 things I should upgrade to better my company's score?
  • What is CUI?

Business Questions

  • How does cybersecurity compliance apply to subcontractors and suppliers based overseas?

& More!

Submit a Question!

We update the DoD Cybersecurity Compliance FAQ factsheet quarterly, so there is still time to get your answers. Share your questions below and make sure to "whitelist" Ardalyst emails to be the first to receive the factsheet.