In this episode of Fed Gov Today with Francis Rose, the clock is ticking for vendors that do business with the Department of Defense. The long-anticipated final rule for the Cybersecurity Maturity Model Certification (CMMC) is officially out, and it takes effect November 10. That means solicitations will soon include CMMC requirements — and with more than 100,000 companies needing assessments, competition for assessors will heat up fast.

Government contracts expert, Eric Crusius of Hunton Andrews Kurth, joins Francis to break down the rule’s three-tier model, the phased rollout over the next three years, and what companies must do now to stay competitive. He explains why self-assessments will be required in year one, why there may be a “run on the bank” for assessors, and what questions businesses should ask before hiring assessment partners.

Subscribe and listen to the Fed Gov Today Podcast anytime on Apple Podcasts, Spotify, or at FedGovToday.com.