July 13, 2026: the Department of War suspended CMMC Phase II pending a 60-day review — but NIST SP 800-171 obligations still stand. What it means for you
Veteran-Owned · Cyber AB Accredited Training Provider

Every framework.
One platform.
One team behind you.

CMMC. SOC 2. HIPAA. FedRAMP. ISO 27001. Whatever audit stands between you and your next contract, Lionfish pairs the Cyber Tackle Box™ GRC platform with real practitioners who work by, with, and through your team — so compliance closes deals instead of eating months of your team's time.

Defense contractor? CMMC Phase II was suspended July 13, 2026 pending a DoW review — NIST SP 800-171 still applies. Get the straight story.

Service-Disabled Veteran-Owned Cyber AB Accredited Training Provider 4 IEEE-Published Papers Purdue CERIAS Partner

Choose your mission

Three ways we deploy for you

One team, one platform, three missions. Pick the door that matches yours — everything you need is one click away.

01 For Regulated Businesses

Compliance Services

An enterprise deal blocked on SOC 2. A DFARS clause demanding NIST 800-171. An OCR letter about HIPAA. Whatever the framework, we run your gap assessment, remediation, and evidence prep — by, with, and through your team. Defense contractor? Start with CMMC: Rapid Deployment.

Find Your Framework
02 For Cyber Professionals

CCP & CCA Certification

Become a Certified CMMC Professional or Assessor with a Cyber AB Accredited Training Provider. Self-paced with real instructor support — taught by practitioners who do this work in the field. Enroll online today.

Explore Classes
03 For Your Organization

Cyber Tackle Box™

Our all-in-one GRC and training platform. Manage CMMC, NIST, HIPAA, SOC 2, FedRAMP, ISO 27001 and more — controls, policies, evidence, POA&Ms, and awareness training in one place. MSP multi-tenant ready.

Book a Demo

The requirements didn't go anywhere

Phase II assessments are suspended while the DoW reform review runs — but the security rules underneath them are still in your contracts, and your SPRS score is still visible to every prime.

0+
companies in the defense industrial base fall under DoW cybersecurity rules
0
NIST SP 800-171 requirements — still contractually binding under DFARS
~0%
of Level 2 contractors were certified when the pause hit
0 days
for the CMMC Reform Task Force to deliver its recommendations

The Green Beret method

By. With. Through.

Founded by a U.S. Army Special Forces veteran, Lionfish doesn't parachute in consultants who leave you dependent. We work the way Green Berets do — building capability that stays when we're gone.

  • BYBy partnering with you — your people, your systems, your mission. We start where you are, not where a template says you should be.
  • WIWith training built in — every engagement upskills your team, so compliance knowledge lives in-house instead of in an invoice.
  • THThrough force multiplication — our platform, Cyber Guardians, and partner network keep you resilient long after the certificate is on the wall.
Our story and mission

Why teams pick Lionfish

  • We train the assessors. As a Cyber AB ATP we teach the CCP/CCA courses — we know exactly what assessors look for, because we train them.
  • SDVOSB status that strengthens your prime's small-business supply-chain story.
  • One platform, not twelve spreadsheets. Cyber Tackle Box keeps controls, evidence, policies, and training in a single system of record.
  • Research-backed. Four IEEE-published papers on AI-driven security and a patent-pending training methodology.

Field reports

Trusted by the people who check the checkers

★★★★★
“Excellent quality and well-resourced security and compliance instruction for numerous certifications including CCP and CCA.”
Matthew RiceGoogle review
★★★★★
“Lionfish Cybersecurity provides a quality solution to ensure our clients' network stays compliant. Very happy with the platform and support.”
Fernando LeonMSP partner
★★★★★
“Lionfish's Trusted Partner Network was a game-changer for us. We didn't have to search far and wide — they brought the right team to the table.”
Alex P.CTO, TechNova Solutions

Credentials & affiliations

Accredited. Authorized. Awarded.

Badges you can verify, not adjectives. These are the accreditations and affiliations behind every engagement.

ATP
Cyber AB / CAICO ATPAccredited Training Provider
CCP
Certified CMMC ProfessionalOfficial certification training offered
CCA
Certified CMMC AssessorOfficial certification training offered
PI
CMMC Provisional InstructorClasses led by certified instructors
SDV
SDVOSB CertifiedService-Disabled Veteran-Owned Small Business
SAM
SAM.gov RegisteredCAGE 96LH8 · UEI GGV3KKTQFTS3
IN
Indiana OCTSState-regulated career & technical school
C+
CompTIA Authorized AcademyCertification training partner
PAT
Patent PendingAI training methodology #17941843
IEEE
IEEE Published4 peer-reviewed AI & cyber papers
'24
IBJ Tech Exec of the YearIndianapolis Business Journal, 2024
4x
TechPoint Mira NomineeBest of Tech — 4 categories, 2024

Lionfish Training Academy

  • State-accredited technical school regulated by the Indiana Office for Career and Technical Schools.
  • CompTIA certification tracks — ITF+, A+, Network+, Security+, CySA+, PenTest+, Cloud+ and more.
  • DOL-approved apprenticeships and workforce-development programs, including grant-funded cohorts.
  • Cyber Sentinel Program — university students deployed to protect real organizations, from Purdue to Ball State to NOVA.

Build the bench

We don't just find cyber talent. We forge it.

The industry is short hundreds of thousands of defenders. Lionfish closes the gap from both ends — certifying working professionals and training the next generation of Cyber Guardians through accredited, grant-eligible programs.

Ready when you are

Use the pause. Don't waste it.

A 30-minute readiness call tells you exactly where you stand, what the suspension does and doesn't change for you, and the calmest, cheapest path to being ready when the reformed requirements land.

Get in touch

Ready to move?

Tell us about your mission — CMMC readiness, class seat, platform demo — and we'll reply within one business day.

  • 1We reply within one business day — usually faster.
  • 2A 30-minute call with someone who can actually answer your questions.
  • 3A straight recommendation — even if it's that you don't need us yet.

Prefer to skip the form? Book a time directly or call 1-877-732-6772.

Book a Free Readiness Call