What percentage of your annual revenue will you lose next year?

Failure to obtain CMMC status could result in significant losses to your business. The Cyber Security Maturity Model can be a significant undertaking to your organization. Layer0’s team of compliance experts and security engineers can guide you from reviewing policies to implementing advance security architecture to ensure CMMC Readiness.

The CMMC is intended to serve as a verification mechanism to ensure appropriate levels of cybersecurity practices and processes are in place to ensure basic cyber hygiene as well as protect controlled unclassified information (CUI) that resides on the Department of Defense’s industry partners’ networks.

Every organization providing components or services to the United States Department of Defense (DoD) or other suppliers to the DoD must achieve Level 1 certification at a minimum.​ Take the following 10 question assessment to see how close you are to achieving compliance:

If your organization has contracts with Section 7012 requiring compliance with NIST 800-171, or you process Controlled Unclassified Information, you will need Level 3 certification at a minimum. Take the following 30 question assessment to see how close you are to achieving compliance:

Some of the controls required at each level.

The bare minimum requirements for companies doing business with the DoD.

  • Firewall
  • Segment Ops
  • AV
  • Inventory
  • Access Management
  • Visitor log
  • Badges/Keys
  • Data disposal
  • System updates

Decreasing further risks to your organization.

  • Policies​ in place.
  • Event logs retained.
  • Employment awareness training
  • Baselines for systems and software.
  • Multi-Factor Authentication for remote access
  • Encrypted backups and restore testing.
  • Vulnerability Management Scans
  • Incident response procedures

Requirements for companies handling Controlled Unclassified Information.

  • Information Security Plan (SSP)
  • 800-171 Controls Implemented.
  • CUI Handling procedures in place.
  • No POA&M items
  • Offsite backups
  • Centralize logging
  • Risk Assessments​ conducted.
  • Continuous monitoring of controls.
  • DNS Filtering implemented.

We can help you prepare for certification and will provide direct support during the audit.

Our team of compliance professionals, security engineers, and solutions architects can help you prepare for any level of CMMC and reduce the risk to your business. Here are some of the benefits of preparing for compliance now:

  • Revenue – non-compliant companies excluded from bids
  • Protects information against various threats
  • Legal protection if you have a security incident 
  • Commercial credibility, confidence, and assurance
  • Clear employee direction and improved awareness

Resources to Help with CMMC