Cybersecurity

Working with the Department of Defense

Are you currently working, or are interested in working, with the Department of Defense? If so, you:

  • must be FAR 52.204-21 compliant (Level 1, effective Nov. 2024)
      (possible exception, if supplying commercial off-the-shelf items)
  • should be working toward your Level 2-3 CMMC 2.0 certification, as required by contract

CMMC 2.0

The DoD announced CMMC 2.0 as an updated program structure and requirements designed to achieve the primary goals of the internal review.

  • Safeguard sensitive information to enable and protect the warfighter
  • Dynamically enhance DIB cybersecurity to meet evolving threats
  • Ensure accountability while minimizing barriers to compliance with DoD requirements
  • Contribute towards instilling a collaborative culture of cybersecurity and cyber resilience
  • Maintain public trust through high professional and ethical standards

CYBERSECURITY MATURITY MODEL CERTIFICATION

Learn more about the CMMC Program

Final Rule Resources

Compliance Steps NIST SP 800-171 REV 2 HANDBOOK NIST SELF-ASSESSMENT SCORING METHODOLOGY GUIDE AUTOMATICALLY SCORED NIST SP 800-171 DOD ASSESSMENT PLAN OF ACTION AND MILESTONES (POAMS) TEMPLATE SYSTEM SECURITY PLAN TEMPLATE (SSP) QUICK GUIDE TO PIEE SUPPLIER RISK MANAGEMENT SYSTEM (SPRS) QUICK ENTRY GUIDE INFORMATION TO UPLOAD INTO SPRS INCIDENCE REPORTING INFORMATION

CMMC 2.0 Resources

Steps to Achieving CMMC CMMC Level 1 Assessment Guide CMMC-AB certified assessors CUI Marking Information

Webinars and Compliance reviews

We offer free cybersecurity webinars and interim rule compliance reviews. To receive a review, please complete the Request for Assistance form and specify your interest in a cybersecurity review.

Upcoming Webinars Request for Assistance Form