Organizations working with the US DoD (Department of Defense) are held to increasingly stringent cybersecurity requirements. Since 2018, the DoD has required all defense contractors to be compliant with NIST 800-171, a government standard that lists 110 essential security controls. However, compliance has proved difficult for many prime and sub-contractors, particularly for small organizations.
To enforce universal contractor compliance with cybersecurity standards, the DoD has developed the Cybersecurity Maturity Model Certification (CMMC). This process requires defense contractors and sub-contractors to undergo a third-party audit, then receive a CMMC assessment (Level 1-5).
Later in 2020, Requests for Proposals will begin requiring contractors to list their CMMC level. Over the next few years, CMMC compliance will be mandatory to bid on any DoD contracts.
How We Can Help
Tailored cybersecurity support from a certified, experienced expert in the field. Due to its open-ended nature, this is our most popular service.
The System Security Plan (SSP) is the heart of your organization’s cybersecurity program. Contact us for support in developing an SSP specific to your organization’s size, complexity, and resource constraints.
Identifying, estimating and prioritizing risks to your systems is a daunting task, but essential to any risk mitigation strategy. Contact us for support in conducting a comprehensive Risk Assessment.
You can’t fix what you don’t know is broken. KLS Cyber security audits will evaluate your organization against the industry’s gold standards and best practices, then provide a comprehensive assessment report.