Cybersecurity Maturity Model Certification (CMMC) is a set of guidelines set by the United States Department of Defense (DoD) establishing cybersecurity protocols for government contractors. These guidelines augment, and overlap with, the requirements of the Defense Federal Acquisition Regulation Supplement (DFARS) compliance. Under a CMMC Level 3 certification, organizations must follow protocols on protecting controlled unclassified information (CUI). To achieve Level 3 certification, companies must have Good Cyber Hygiene and actively manage cybersecurity processes. This means complying with FAR 48 CFR 52.204-21) and NIST 800-171.
All DoD contractors will eventually be required to obtain a CMMC certification.
If your company needs assistance achieving CMMC requirements we can help.