Navigating CMMC 2.0: How Proofpoint DSPM Accelerates Compliance For Defense Contractors
Proofpoint, Friday, October 31st, 2025
The Cybersecurity Maturity Model Certification (CMMC) is a tiered cybersecurity program mandated by the U.S. Department of Defense (DoD). Contractors and vendors must adopt CMMC to protect sensitive defense data on their systems.
In September 2025, the DoD published the final CMMC rule, formally integrating CMMC 2.0 into the Defense Federal Acquisition Regulation Supplement (DFARS). This rule takes effect on November 10, 2025. From that date, the DoD can include new contract clauses that make CMMC compliance a condition of award for contracts handling Federal Contract Information (FCI) or Controlled Unclassified Information (CUI).