DoD Contractors

Organizations working with the US DoD (Department of Defense) are held to increasingly stringent cybersecurity requirements. Since 2018, the DoD has required all defense contractors to be compliant with NIST 800-171, a government standard that lists 110 essential security controls. However, compliance has proved difficult for many prime and sub-contractors, particularly for small organizations.

To enforce universal contractor compliance with cybersecurity standards, the DoD has developed the Cybersecurity Maturity Model Certification (CMMC). This process requires defense contractors and sub-contractors to undergo a third-party audit, then receive a CMMC assessment (Level 1-5).

Beginning later in 2020, Requests for Proposals will begin requiring contractors to list their Cybersecurity Maturity Model Certification (CMMC) level. Over the next few years, CMMC compliance will be mandatory to bid on any DoD contracts.

How We Can Help

Subject-Matter Expert Support

Tailored cybersecurity support from a certified, experienced expert in the field. Due to its open-ended nature, this is our most popular service.

Security Plan Development

The System Security Plan (SSP) is the heart of your organization's cybersecurity program. Contact us for support in developing an SSP specific to your organization's size, complexity, and resource constraints.

Risk Assessments

Identifying, estimating and prioritizing risks to your systems is a daunting task, but essential to any risk mitigation strategy. Contact us for support in conducting a comprehensive Risk Assessment.

Cybersecurity Audits

You can't fix what you don't know is broken. KLS Cyber security audits will evaluate your organization against the industry's gold standards and best practices, then provide a comprehensive assessment report.

“The whole purpose of the CMMC was making a unified standard so that we could lower the barrier entry for non-traditional [contractors] and small businesses… We are willing to pay for what we need our industry to be able to do.”

Katie Arrington
Chief Information Security Officer, DoD Acquisitions
Contact Us

Questions about NIST 800-171 or CMMC?

Let us know how we can help!