Cyber Security Maturity Model Certification (CMMC)
CMMC is a comprehensive set of cyber security standards set by the DOD in order to protect unclassified networks within the Defense Industrial Base. CyVantage works with companies to assess their current cyber security posture and provides a roadmap to CMMC certification.
Why is CMMC important?
The purpose is to secure the Defense Industrial Base (DIB) supply chain
Attempts to steal critical information are increasing in severity and sophistication
Unclassified networks are targets and “backdoors” to classified networks
CMMC is not a self-attestation; it requires a third-party to certify
CMMC will apply to every contract after October, 1, 2025
CMMC Model Structure:
Cyber Security Maturity across five levels
Levels 1 to3 encompass security requirements in NIST SP 800-171rev1 (110 requirements) plus 61 new requirements
LEVEL 1: Basic Cyber Hygiene
Protection of federal contract information
17 foundational requirements
LEVEL 2: Intermediate Cyber Hygiene
110 Practices Aligned with NIST SP 800-171
LEVEL 3: Good Cyber Hygiene + NIST SP 800-171
110 + best practices based on NIST SP 800-172
Source: Office of the Under Secretary of Defense for Acquisition and Sustainment, CMMC Model v1.0 Briefing, January 31, 2020
Interested in our CMMC Presentation?
Please submit your email and you’ll be directed to the downloadable PDF.