What is CMMC (Cybersecurity Maturity Model Certification)?
The Cybersecurity Maturity Model Certification (CMMC) is the Department of Defense’s (DoD) newest verification system designed to ensure that cybersecurity practices are adequately protecting Controlled Unclassified Information (CUI) that resides on the Defense Industrial Base (DIB) systems and networks. As early as Q3 2020, some new DoD contracts will be required to be within CMMC compliance. Every year, we help hundreds of DoD Contractors navigate the hurdles of DoD cybersecurity requirements and would be happy to serve you too.
Feel Confident with your CMMC Audit
For many government contractors, contracts with the Department of Defense make up a substantial part of their organization. We understand that they can not risk failing the upcoming CMMC audit. That’s where we come in. When you choose our CMMC Assessment, you can trust that we have the past performance with CUI assessments and government contract work. We are the experienced team you need.
No matter what level of support your organization needs, we will ensure you are ready for these changes every step of the way. Our team of professionals can assist you from a routine assessment, to fully implementing all the new CMMC measures. Whatever level of support you need, we have your back!
SecureStrux Services at a Glance
- Assessment & Gap Analysis: We will conduct our traditional CUI assessment and CMMC assessment. Then, we will report back with a detailed report and action plan we refer to as the Path to Success Framework.
- System Security Plan (Policies & Procedures) Engagement: For companies that have more robust IT knowledge, we will work alongside their IT department to manage the compliance paperwork and procedures while they implement the CMMC measures.
- Managed Security Support Plan for CMMC Compliance: Managing CMMC compliance is hard. However, our solution is simple for you to use and understand. We will implement any part of the CMMC compliance measures that you need. This menu style offering ensures that whatever your needs are, we can solve them.
Your first step in preparing for CMMC Compliance
Your process for getting all documentation prepared for your CMMC audit
Managed Security Service Plan
Your comprehensive solution to getting and maintaining your CMMC compliance
CMMC Assessment and Gap Analysis
For companies with more robust infrastructure, we can provide you with our Path To Success Framework. The Path to Success Framework is an excellent solution for companies that need a fresh set of eyes on their compliance measures but are capable of implementing the changes themselves. It will include a full CMMC Assessment, where we will perform a traditional CUI assessment with all 110 controls in NIST SP 800-171 with the additional 20 practices required in CMMC Level 3 (130 in total).
The CMMC assessment will include aspects of physical security that will need to be completed onsite. Depending on your organization’s infrastructure, we will complete the compliance assessment onsite or through remote access. The assessment will be a week involving 1-2 SMEs from SecureStrux. This solution is ideal for smaller organizations. Larger organizations may require additional NIST SP 800-171b and CMMC measurements to achieve a higher level of CMMC Compliance. Upon completion of the assessment and gap analysis, we will provide a detailed list of all the action items needed to achieve your desired level of compliance. Also, we will have an executive-level briefing addressing significant concerns and the CMMC Path to Success Framework.
CMMC System Security Plan (Policies & Procedures) Engagement
Similar to the RMF service process, we will take the findings of the CMMC assessment and draft the compliance paperwork. The SSP Engagement includes writing and maintaining the CMMC SSP Plan (to meet ML 3.997, ML 2.998, & ML 2.999). We will write policies for the protection of FCI and CUI across the organization. The SSP Engagement will include quarterly and annual updates.
Managed Security Support Plan for CMMC Compliance
For organizations in need of a more hands-on approach, we can manage and implement any part or call of your CMMC compliance transition. Our MSSP is a menu style offering where you decide what services work best for organizations’ needs. Our team of experts will do a full assessment and start implementing new requirements from the Path to Success Framework.
The MSSP provides solutions for the deficient finds and drafts a POA&M to track the progress. Our team will create and maintain your SSP policies and procedures with monthly and quarterly updates to meet the requirements of ML 2.998, 2.999 & ML 3.997. In addition, our continuous monitoring will include audit reviews, vulnerability management, anti-malware / firewall monitoring and management, and web filtering monitoring. As needed, we will implement and configure hardware and software to meet CMMC compliance. When you choose the MSSP Service package, you will be informed every step of the way with our weekly reports.
Our Expert Team
Your CMMC assessment is essential; you want professionals on the job.
At SecureStrux, you can trust that you are being provided the best quality service from a superior team. Over 90% of our workforce has served in the military and continues to lead the charge by protecting our DoD contractors from unknown risks in the cyber world. Together, our SMEs have over a hundred years of experience with cybersecurity and compliance. We work professionally, efficiently, and our seasoned team is ready to serve you. Contact us today to learn about our CMMC product offerings.