CyberSheath has released the State of the DIB Report 2025, revealing that only one percent of defense contractors are prepared for the Cybersecurity Maturity Model Certification final rule, which will take effect this November.
Table of Contents
Defense Industrial Base Unprepared for Assessments
CyberSheath said Tuesday it commissioned Merrill Research to conduct the study, which reveals a significant lack of readiness among the defense industrial base as contractors prepare for assessments determining their eligibility to continue working with the Department of Defense. Preparedness dropped from eight percent in 2023 to four percent in 2024.
Compliance Gaps Persist Across DFARS & SPRS Metrics
While 69 percent of respondents claim Defense Federal Acquisition Regulation Supplement compliance via self-assessment, just 30 percent have undergone validated assessments. Only 42 percent have submitted Supplier Performance Risk System scores, with a median score of 60—far below the required 110. Notably, 17 percent reported negative scores.
Adoption of key cybersecurity measures remains limited. Only 27 percent of contractors implement multi-factor authentication, 25 percent use endpoint detection and response, and 21 percent deploy vulnerability management tools. Meanwhile, 89 percent report losses due to cyber incidents.
Remarks From CyberSheath CEO
“Eighty thousand defense contractors need Level 2 certification, yet only 270 of these organizations currently hold final CMMC certificates,” said CyberSheath CEO Emil Sayegh.
Related Articles
President Donald Trump has nominated Mark Ditlevson as the next assistant secretary of defense for homeland defense and hemispheric affairs. According to Congress records, the nomination was received by the Senate on Oct. 2 and has since been referred to the Committee on Armed Services. If confirmed, Ditlevson will succeed Melissa Griffin Dalton, who served in the position under President Joe Biden. Learn more about the global threats the U.S. is currently facing and key developments in homeland security at the Potomac Officers Club’s 2025 Homeland Security Summit on Nov. 12. The in-person event will feature panel discussions between government
The Department of the Army has combined U.S. Army Futures Command and Army Training and Doctrine Command, or TRADOC, to form Army Transformation and Training Command, or T2COM. Army Transformation & Training Command’s Mission & Functions According to a notice published Thursday on the Army Publishing Directorate’s website, the military branch expects T2COM to enable the synchronization and integration of force development, force generation and force design responsibilities under a singular Army command. T2COM will be responsible for synchronizing recruitment efforts. The command will educate, train and strengthen the profession of arms and advance Army modernization initiatives. It will also
The White House’s Council of Economic Advisers has released a report warning that the U.S. could lose as much as $15 billion in gross domestic product for each week the government is shut down. A monthlong government shutdown could result in 43,000 additional unemployed individuals in the U.S., according to the CEA analysis published Wednesday. Government Shutdown’s Disruption to Federal Workforce The report noted that more than 1.9 million federal civilian employees could be subject to furloughs or required to continue working without pay during a government shutdown. According to the analysis, federal contractors are not eligible for backpay once