The Department of Defense intends to issue changes to compliance with The Cybersecurity Maturity Model Certification (CMMC) program as a condition of awarding contracts beginning as early as July 2023. Convergint is stepping in to help assist and provide guidance regarding these changes.

Cybersecurity is a top priority for the Department of Defense. The Defense Industrial Base (DIB) is the target of cyberattacks. To protect American ingenuity and national security information, the DoD developed the CMMC to reinforce the importance of DIB cybersecurity.

Overview of the CMMC program

The CMMC program is aligned with the DoD’s information security requirements for DIB partners. It is designed to enforce the protection of sensitive unclassified information that is shared by the Department with its contractors and subcontractors. The program provides the DoD with increased assurance that contractors and subcontractors are meeting the cybersecurity requirements that apply to acquisition programs and systems that process Controlled Unclassified Information (CUI).

Tiered model

CMMC requires that companies entrusted with national security information implement cybersecurity standards at progressively advanced levels, depending on the type and sensitivity of the information. The program also sets forward the process for requiring the protection of information that is flowed down to subcontractors

Assessment requirement

Once CMMC 2.0 is implemented, accredited CMMC Third Party Assessment Organizations (C3PAOs) can verify the controls are in place to meet the requirements and they will upload the assessment report into CMMC EMASS, which the DoD can access.

Implementation through contracts

Once CMMC is fully implemented, certain DoD contractors that handle sensitive unclassified DoD information will be required to achieve a particular CMMC level as a condition of contract award.

Contact us

For assistance with implementing the CMMC compliance requirements, contact Convergint’s CMMC team at [email protected].

About Convergint

Convergint is a global, service-based systems integrator focused on mission-critical security, fire, and life safety infrastructure. Convergint offers last-mile delivery for emerging technology, backed by a 20-year commitment to its core value of service. Download the cybersecurity brochure to learn more.

Recommended Articles