Blog

22
Jan
CMMC Compliance

No. CMMC (Cybersecurity Maturity Model Certification) is solely a Department of Defense initiative. Many of the CMMC requirements will, of course, overlap with other non-Defense federal cybersecurity hygiene requirements. But the CMMC model and testing is a purely Defense oriented protocol.

20
Jan
CMMC Compliance

The Department of Defense is planning a phased rollout of CMMC requirements over the next several years. As CMMC requirements are issued on a per-contract basis, the phased rollout is defined as a steady increase in yearly prime contracts requiring a CMMC certification for contractors. The number of contracts scheduled to have CMMC requirements in […]

16
Jan
CMMC Compliance

CMMC (Cybersecurity Maturity Model Certification) compliance is causing many defense contractors to feel overwhelmed. The cybersecurity space is filled with jargon, the model presents different levels of security for different vendors and there appear to be a lot of specific requirements. The first step is simply to figure out where you currently stand. And the […]

13
Jan
CMMC Compliance

CMMC certification is a tiered system, with five levels of certification for contractors that are dependent on the CUI (Controlled Unclassified Information) and security considerations of various DOD projects that contractors will be working on. The question then arises from some contractors — if we don’t handle any CUI, is CMMC certification still necessary? The […]

8
Jan
CMMC Compliance

CUI, or Controlled Unclassified Information, is a data designation used by the Department of Defense to refer to non-classified information that is nevertheless sensitive and requires adherence to certain security practices when handling it. To repeat, CUI is not classified information (and does not require as stringent security protocols). It is also not corporate intellectual […]

6
Jan
CMMC Compliance

One of the key difference between NIST/DFARS compliance and CMMC compliance is that DOD has implemented stratified levels of compliance for CMMC. CMMC has five levels of compliance. CMMC compliance requirements will be stipulated in defense contracts. For most situations, Level 3 compliance will suffice for subcontractors — the first level that allows for handling […]