New Cybersecurity Rules for Businesses: What You Need To Know

Does your business do any work for the Department of Defense?

Do you work with Controlled Unclassified Information (CUI)?

Is your business following proper processes and practices to protect this data?

What you need to know:

On September 29, 2020 the Department of Defense published the interim rule for the implementation of the Cybersecurity Maturity Model Certification (CMMC) with DFARS Case 2019-D041- Assessing Contractor Compliance with Cybersecurity Requirements EFFECTIVE: November 30, 2020.

While the rollout of the CMMC assessment requirements will be phased in over the next 5 years there is an immediate requirement to self-report your NIST SP 800-171 assessment score to the Supplier Performance Risk System (SPRS) at

The interim rule amends DFARS subpart 204.73, Safeguarding Covered Defense Information and Cyber Incident Reporting, to implement the NIST SP 800–171 DoD Assessment Methodology. It directs contracting officers to verify in SPRS that an offeror has a current NIST SP 800–171 DoD Assessment score on record, prior to contract award.

Your team at Back To Business I.T. has the expertise to help!

Backed by the power of The Greentree Group, our Cybersecurity experts can perform your cybersecurity assessment and determine your current score, as well as work with you on a plan to resolve any areas of non-compliance.  Don’t delay, contact us before your next contract award or renewal gets delayed due to a missing SPRS self-assessment score.

Not sure if this affects your business? Let’s figure it out together!

Back To Business I.T. is a service brought to you by The Greentree Group. Our RPO certification enables us to provide consulting services to defense contractors and suppliers seeking to obtain the mandatory new Cybersecurity Maturity Model Certification (CMMC).



Subscribe to our monthly newsletter for more updates like this.

Take care of your business. We'll take care of your I.T.

  • Please provide the information below and someone will be in contact with you regarding our CMMC compliance solutions.

  • This field is for validation purposes and should be left unchanged.



What emails would you like to receive?

Email Format