The CMMC is the new standard for implementing cybersecurity across Department of Defense (DOD) contractors. It helps ensure all companies in the defense industrial base (DIB) supply chain are doing their job to protect sensitive information. The CMMC was developed over the past several years with details about the framework released in January 2020. The maturity model uses audits conducted by third-party assessors, which will assign companies a level that represents the cybersecurity protections that have been put into place.
The CMMC combines several discrete compliance processes into one, including NIST SP 800-171, NIST SP 800-53 and ISO 27001. There are five CMMC certification levels:
Level 1 – Basic Cyber Hygiene
Level 2 – Intermediate Cyber Hygiene
Level 3 – Good Cyber Hygiene
Level 4 – Proactive
Level 5 – Advanced/Progressive
This fall, contractors will start to see the CMMC requirements included in the RFP process and will need to get certified by an assessor starting in October 2020.
Sensei can help defense contractors prepare their cybersecurity processes and systems for the upcoming audit process. Each CMMC level has its own requirements that must be met in order to achieve the certification. With an understanding of the level that you need to achieve, Sensei can get your cybersecurity protections up-to-date and ready for the assessment.
Questions? Need Help?