New Cybersecurity Compliance Deadline for New Jersey Manufacturers

In the ever-evolving landscape of cybersecurity compliance, the Department of Defense (DOD) has been at the forefront, ensuring the protection of Controlled Unclassified Information (CUI). For manufacturers engaged in or aspiring to secure DOD contracts, adherence to NIST 800-171/DFARS 7012 standards has been a requirement. However, a significant shift is on the horizon with the imminent implementation of the Cybersecurity Maturity Model Certification (CMMC) Program. This initiative by the DOD aims to verify that defense contractors and subcontractors have implemented specified security requirements and are maintaining compliance throughout their contract period.

Key Points and Dates for CMMC:

• CMMC Final Rule: The final rule is set to be published soon, signaling the beginning of a new era in DOD cybersecurity compliance.
• Audit Commencement/Deadline: Audits for CMMC compliance are scheduled to commence in Q1, 2025.

Manufacturer Cybersecurity Remediation Challenges

For the average manufacturer with between 30 to 100 employees, the journey from assessment to full implementation and documentation of all 110 Level 2 Controls—mandatory for DOD compliance—takes an average of 12 months. This timeline is particularly critical for New Jersey, which boasts a robust Defense Industrial Complex of around 900 manufacturers currently in the DOD supply chain. All are expected to achieve compliance by Q1, 2025, for new contract distribution.

• Webinar: CMMC Mandate Compliance Requirements for DOD Contractors – Time is Running Out

Cybersecurity Framework 2.0: Beyond Defense Contracts

While DOD contractors face these specific challenges, all manufacturers, irrespective of industry, are urged to prioritize cybersecurity to protect their enterprises and foster growth. The National Institute of Standards and Technology (NIST) has also recently released Cybersecurity Framework 2.0 (CSF 2.0), extending its applicability to organizations of all sizes and sectors. The update introduces a governance focus, emphasizing strategic decision-making in cybersecurity. It offers user-friendly resources, including quick-start guides, success stories, and a searchable catalog of references. The framework’s six key functions remain, providing a comprehensive view of cybersecurity risk management. CSF 2.0 caters to varying user needs, encouraging community feedback for ongoing enhancements. The international use of CSF is expected to grow with translations and collaboration with ISO/IEC.

• Protect Your Enterprise: Safeguard confidential financial, employee, and customer information. Industries like Life Science/Medical Device, Chemical, Food, and Fragrance Manufacturing must pay particular attention to privacy, with proprietary formulations and health information on the line.
• Grow Your Business: Embracing advanced manufacturing technologies is key to business growth. However, it introduces IT infrastructure vulnerabilities that need to be proactively managed.

Your Trusted Partner in Cybersecurity Compliance

In the dynamic cybersecurity landscape, the New Jersey Manufacturing Extension Program (NJMEP) is THE manufacturing resource. Offering comprehensive support, our team of experts assists manufacturers in navigating the complexities of cybersecurity compliance, whether it’s meeting DOD standards or safeguarding enterprise data.

Don’t navigate the path to compliance alone.

Stay ahead in the cybersecurity game and lean on your trusted manufacturing resource for support on getting started.

Interested in learning more about the CMMC? Connect with an expert, today!