(Cybersecurity Maturity Model Certification)
The Department of Defense recently announced that contractors who provide services and products in the Defense Industrial Base (DIB) will have to comply with the CMMC. There are 5 levels of CMMC that have differing specific requirements and controls.
DataSure24 is an RPO (Registered Practitioner Organization) for CMMC. As an RPO, we are tasked with performing readiness assessments to get companies in a place where they are ready to be audited and certified with the differing levels of CMMC.
DataSure24 Managed Detection and Response Services:
Host Intrusion Detection
File Integrity Monitoring
Monthly Vulnerability Scanning
Log Aggregation and Correlation
Our CMMC Readiness Assessments are based on the National Institute of Standards and Technology (NIST) special publication 800-171, a framework that was developed to protect controlled unclassified information in nonfederal organizations. The Department of Defense (DoD) released DFARS years back to bolster security in the Defense Industrial Base (DAB). DFARS set clear requirements outlined in the NIST 800-171 publication. CMMC will in essence replace DFARS as the standard assessment for defense contractors.
The chart below depicts the steps required in order to receive CMMC certification for your business. As an RPO – DataSure24’s job is to bridge the gap from stage C-D, so that companies are ready to be audited and become a CMMC certified organization.
Where Do I Start?
DataSure24 works with manufacturers and MEPs (Manufacturing Extension Partners) to identify where they can strengthen their overall security posture, and reduce the likelihood of an event occurring. Our first step is to perform a CMMC Readiness Assessment of an organizations’ infrastructure and cybersecurity plans and processes. We use the NIST 800-171 framework as the cornerstone of the assessment, in addition to vulnerability scanning. Completion of an assessment will let you know where the vulnerabilities and gaps in the security posture are, and how your organization complies with the applicable levels of CMMC, DFARS and other industry-specific compliance requirements.