{"id":233091,"date":"2026-06-17T18:23:00","date_gmt":"2026-06-17T22:23:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/17\/senate-ndaa-proposes-cmmc-grant-program\/"},"modified":"2026-06-17T18:25:15","modified_gmt":"2026-06-17T22:25:15","slug":"senate-ndaa-proposes-cmmc-grant-program","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/17\/senate-ndaa-proposes-cmmc-grant-program\/","title":{"rendered":"Senate NDAA proposes CMMC grant program"},"content":{"rendered":"

Senate NDAA proposes CMMC grant program<\/a><\/p>\n

https:\/\/federalnewsnetwork.com\/cybersecurity\/2026\/06\/senate-ndaa-proposes-cmmc-grant-program\/<\/a><\/p>\n

Publish Date: 2026-06-17 18:23:00<\/a><\/p>\n

Source Domain: federalnewsnetwork.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n

The Senate Armed Services Committee has advanced legislation that would set up a grant program for small businesses and nontraditional contractors to cover the costs of Cybersecurity Maturity Model Certification (CMMC) compliance.
\nThe CMMC grant program is included in the full text of the committee\u2019s fiscal 2027 defense authorization bill, released Tuesday. The committee released the text Tuesday after approving the bill in a June 10 closed-door mark up.
\nIf passed into law, the provision would require the Defense Department to establish the CMMC grant program by July 1, 2027.
\nDoD is ramping up CMMC \u201cLevel Two\u201d requirements starting this November. Those requirements are expected to apply to tens of thousands of companies. They generally require contractors that are expected to handle sensitive controlled unclassified information (CUI) to have their data security practices evaluated by a CMMC Third-party Assessment Organization (C3PAO).]]><\/p>\n

The grant program in the Senate defense bill would be available to small businesses and new entrants to offset the costs of a C3PAO assessment.
\nThe maximum amount per grant would be $100,000. The bill would cap the total funding allotted for the CMMC grant program at $50 million. It would also require the program to prioritize organizations that have not previously held a DoD contract or subcontract.
\nThe bill would also require that the grant only be used to offset direct costs associated with a CMMC Level Two third-party assessment.
\nThe Senate bill\u2019s language seeks to address persistent concerns around whether CMMC compliance could force small businesses to leave the defense industrial base or dissuade new companies from seeking defense contracts.
\nIn the final CMMC program rule issued in 2024, DoD estimated that the Level Two certification costs for a small business would be a little more than $101,000.
\nThose cost estimates don\u2019t include the cost of building a cybersecurity program, as the Pentagon notes CMMC merely evaluates cyber requirements that have been on the books since 2016.
\nInstead, the estimates reflect the expected costs of preparing for a CMMC assessment \u2013 such as working with an external service provider \u2013 and then conducting the assessment, including paying a C3PAO.]]><\/p>\n

While Pentagon officials have said the cybersecurity evaluations are necessary to ensure defense contractors can protect sensitive data, DoD has also sought to address some of the concerns raised by small business advocates about the burdens of the cyber compliance regime.
\nLast year, DoD\u2019s Office of Small Business Programs conducted a pulse survey to gauge CMMC readiness, concerns and challenges.
\nThe Army has also launched a cloud-based, secure environment that small businesses can use to store data and meet the cyber requirements evaluated by CMMC. Earlier this year, the Army awarded contracts to eight companies worth a collective $49 million to provide services under the Next-Generation Commercial Operations in Defended Enclaves, or NCODE, program.
\nInsider threat reporting for AI companies
\nThe Senate bill would also establish insider threat reporting requirements for major artificial intelligence companies that do business with the Pentagon. The insider threat reporting rules would be aimed at protecting DoD \u201csystems, missions, personnel, operations, and supply chains from counterintelligence, security, and other national security risks.\u201d
\nThe provision comes as the Pentagon works with major AI model manufacturers to integrate the technology across its operations. At the same time, the Trump administration recently prohibited any foreign access to Anthropic\u2019s latest frontier model over national security concerns. The decision forced Anthropic to block all access to the tool.
\nThe Senate bill\u2019s provision would bring major AI companies into the same fold as classified defense contractors, which are required to maintain insider threat programs and provide training to their employees.
\nPost-quantum deadline
\nThe Senate bill also establishes deadlines for when DoD should adopt post-quantum cryptography algorithms approved by the National Institute of Standards and Technology.
\nThe bill would set a deadline of Dec. 31, 2030, for key establishment, which is used \u00a0for establishing confidential communication using encryption among two or more parties, according to the Cybersecurity and Infrastructure Security Agency.
\nThe deadline for adopting PQC for digital signatures would be one year later under the Senate bill, on Dec. 31, 2031. CISA says digital signatures are \u201coften essential for authenticating the parties participating in a communication and for establishing the authenticity of data, products, and services.\u201d]]><\/p>\n

The deadlines would not apply to cryptographic keys generated and distributed by the National Security Agency for protecting classified and sensitive national security information.
\n Copyright
\n \u00a9\u00a02026 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Senate NDAA proposes CMMC grant program https:\/\/federalnewsnetwork.com\/cybersecurity\/2026\/06\/senate-ndaa-proposes-cmmc-grant-program\/ Publish Date: 2026-06-17 18:23:00 Source Domain: federalnewsnetwork.com Author:…<\/p>\n","protected":false},"author":1,"featured_media":233092,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2022\/03\/GettyImages-692059784.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,20,24,28],"class_list":["post-233091","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-artificial-intelligence","tag-cybersecurity","tag-data-security"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/233091"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=233091"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/233091\/revisions"}],"predecessor-version":[{"id":233093,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/233091\/revisions\/233093"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/233092"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=233091"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=233091"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=233091"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}