If you’re a DoD contractor or subcontractor, you’ve probably already been introduced to the Cybersecurity Maturity Model Certification but have you done anything about it yet? Well, we have good news because Assura is now a Cybersecurity Maturity Model Certification (CMMC) Registered Provider Organization (RPO).

Total mandated compliance with CMMC is still on the horizon, but when it comes to cyber security, there’s no such thing as being too proactive. That’s why Assura became an RPO: to allow you to focus on running your business and for us to do the heavy lifting to help your organization reach the right level of compliance.

If you don’t do any further reading today on CMMC, here are three things you need to know:

  • CMMC is made up of five ascending levels, ranging from basic cyber security hygiene to advanced, optimized cyber security measures implemented across an organization.
  • Developed by the DoD, its purpose is to ensure that DoD contractors and subcontractors with access to Federal Contract Information (FCI) and/or Controlled Unclassified Information (CUI) have the appropriate cyber security safeguards and policies in place.
  • Companies that don’t handle FCI and CUI and those that solely use Commercial-Off-The-Shelf (COTS) products (e.g., Microsoft or other software providers) do not have to comply with CMMC.

Don’t wait until 2025 to get started on this. We promise, your future self will thank you for starting now.