CMMC 2.0

CMMC 2.0

CMMC 2.0 - What Does it Mean for Your Organization?

As you may have heard, The Defense Department has recently revamped its cybersecurity standard for defense contractors.  Cybersecurity Maturity Model Certification (CMMC) 2.0, announced November 4, promises a new direction for protecting federal contract information and controlled unclassified information (CUI).

Main Sail's updated CMMC 2.0 Guide provides everything you need to know to effectively prepare for Cybersecurity Maturity Model Certification 2.0.

During the period of approval of CMMC 2.0, the 110 requirements associated with NIST 800-171 that have been on the books for years now, under the DFARS 7012 clause will still apply to CMMC 2.0 when approved. So now is a good time to take this opportunity to start addressing those 110 requirements now so that when the final rule is in effect, you will be set for success.

All companies are encouraged to start to improve their cybersecurity with the implementation of NIST 800-171.  The DOD has continued to stress that it hopes companies are not waiting for a contractual requirement to take charge of their cybersecurity.

NIST provides best practices, guidance and reference for how to reduce cyber incidents.  Main Sail has a well-experienced team that can assist your organization with the process to implement the 110 requirements of NIST 800-171.  The implementation is not a trivial process.  However, when completed, the requirements will position your organization with a strong cybersecurity posture that could put you ahead of your competition. Contact us today at mainsail@mainsailgroup.com for more information.

CMMC 2.0

Main Sail has been designated as a Candidate for the CMMC 3rd Party Assessment Organization (C3PAO) authorization.  Once we become a C3PAO, Main Sail will be authorized to conduct the CMMC audits for organizations seeking the certification.

Here is further detail about the proposed rule for CMMC 2.0.