DataSure24 works closely with businesses within the manufacturing industry to ensure that they meet all of the industry-required compliance areas. These include the CMMC (Cybersecurity Maturity Model Certification) and the Department of Defense’s DFARS (Defense Federal Acquisition Regulation Supplement).
The Department of Defense (DoD) recently announced that contractors and subcontractors who provide services and products in the Defense Industrial Base (DIB) must be in compliance with the CMMC. The deadline for obtaining compliance is slated for 2025.
There are 3 levels of CMMC compliance, foundational, advanced and expert, with differing specific requirements and controls.
- Level 1 (Foundational): only applies to companies that focus on the protection of FCI.
- Level 2 (Advanced) is for companies working with CUI. Level 2 is in complete alignment with NIST SP 800-171.
- Level 3 (Expert) is focused on reducing the risk from Advanced Persistent Threats (APTs). It is designed for companies working with CUI on DoD’s highest priority programs. Specific security requirements are yet to be determined; however, the DoD has indicated that requirements will be based on NIST SP 800-171’s 110 controls plus a subset of NIST SP 800-172 controls.
DataSure24 is an RPO (Registered Practitioner Organization) for CMMC. As an RPO, we are tasked with performing readiness assessments to help ensure that companies are well-prepared be audited, and certified at the necessary CMMC level.
For more about CMMC and how DataSure24 can help, contact us.