CMMC - What to know

white paper

by: Karen Stanford, Director Cyber Risk Services | Michael Pitcher, VP Technical Cyber Services | Mali Yared, Director Cyber Risk Advisory

CMMC - What to know

The Department of Defense (DoD) has released the Cybersecurity Maturity Model Certification (CMMC) Version 1.0, a new framework designed to assess and enhance the cybersecurity posture of the Defense Industrial Base (DIB) and its suppliers. CMMC is an evolution of DFARS 252.204-7012 (NIST SP 800-171) and now requires third-party attestation.

Although CMMC Version 1.0 was recently released, all organizations that provide services to the DoD will eventually need to be CMMC certified to bid on future DoD solicitations. The first solicitations with a required CMMC maturity level are expected to be released as early as June 2020.

This white paper provides the latest updates on CMMC, including guidance on how organizations can effectively prepare for and navigate this new model.

Coalfire’s full spectrum of CMMC services includes:

Advisory: Are you unsure whether CMMC applies to your organization? Have you received a compliance request from the DoD or your prime contract holder? Are you wondering how your current NIST 800-171 or DFARS 252.204-7012 capabilities transfer to the CMMC practices and processes? Coalfire’s team of experts, acting as an objective third party, can help you answer these questions and interpret the impact of CMMC to your environment. We can also perform a gap analysis on your environment/organization to help devise a roadmap to your desired CMMC maturity level.

Remediation: We offer a suite of remediation services dedicated to helping you meet or exceed your desired CMMC maturity level. These services include developing security documents, resolving threat and vulnerability assessment findings, cloud engineering, and implementing technology.

Attestation: CMMC assessment services are expected to become available in the second quarter of 2020. Once certified as a C3PAO, we will support organizations that are ready for final assessment and certification.

Fill out the form on this page to gain access to this white paper and register to receive the latest updates on CMMC.