CMMC

 

The Department of Defense has introduced a new standard, the Cybersecurity Maturity Model Certification. Are you ready?


What is CMMC compliance?


The Department of Defense (DoD) designed CMMC to protect Controlled Unclassified Information (CUI) across its supply chain.

CUI can include a variety of data, including:

  • Financial
  • Intelligence
  • Legal
  • And more...

CMMC is designed to incorporate processes, practices and approaches to protect that data. It aims to improve defense contractors' ability to safeguard their sensitive information and to give the DoD an easy way to identify vendors who practice good cyber hygiene.

There are five different levels of CMMC certification. After implementing the controls necessary to achieve certification, the customer must use a CMMC Third-Party Assessment Organization (C3PAO) to perform a formal security audit.
 

Self-attestation is no longer allowed.

What are the five levels of CMMC certification?


The five levels of CMMC certification revolve around the implementation of a set number of NIST 800-171 controls.
 
The five levels are:

 1. Basic Cyber Hygiene
 2. Intermediate Cyber Hygiene
 3. Good Cyber Hygiene
 4. Proactive Cybersecurity
 5. Advanced/Progressive Cybersecurity
 

Security7 Networks can help you conform to CMMC by implementing:

  • Access Control
  • Awareness and Training
  • Audit and Accountability
  • Configuration Management
  • Identification and Authentication
  • Incident Response
  • Maintenance
  • Media Protection
  • Personnel Security
  • Physical Protection
  • Risk Assessment
  • System and Communications Protection
  • System and Information Integrity
  • And much, much more!

Schedule a FREE consultation today!
