Cybersecurity Maturity Model Certification
Defense Industrial Base (DIB) contractors for the Department of Defense (DoD) are required to provide certified assurance based on the CMMC framework. The CMMC framework is a set of mandatory cybersecurity requirements that all contractors within the DoD supply chain will be required to implement and be verified by an
independent CMMC Third Party Assessment Organization (C3PAO).
The CMMC framework establishes five certification levels that define the minimum-security posture, or cyber maturity, an organization must achieve based on the sensitivity of its information. Eligibility to receive a new DoD contract award or renewal is dependent on achieving CMMC certification, outlined in each program’s acquisition strategy or RFP.
The Lionfish CMMC program using the BWT Model™ will bring you to a level of cyber control you can count on…hook, line and sinker. We are currently offering CMMC Level 1-3 support as part of our By-With-Through Model™, with additional fees for Levels 4 & 5 available.
Don't Get Underwater...
Certification can be an arduous assignment with a roadmap,
but we know how to kick into action and school your team in the right direction.
Are you a Prime Contractor?
Helping your subs prepare for CMMC with the Lionfish BWT Model™ brings these benefits:
- Confidence subs will meet CMMC requirements.
- System can be co-branded with prime’s logo and colors. Build loyalty with subs.
- Subs save time and money with one-stop option to learn, implement, monitor and manage CMMC solutions.
- Ensure subs have ongoing protection and compliance.
Benefits of the Lionfish BWT™ managed security service platform:
- Uniquely credentialed to assist you to qualify for and maintain government contracts
- Supplement your staffing needs with our seasoned security professionals and apprenticeships
- Management of routine IT tasks to save you time and focus on your business
- Affordable enterprise-level managed security services designed specifically for small businesses
- Proactive Technology Management to prevent malicious activity
- Cyber awareness training to achieve data care best practices that protect your most valuable assets – customer and employee data
- We quickly identify, remediate and set up appropriate disaster recovery mechanisms to keep your business running smoothly
We are Registered, So We Are Ready to Serve You…
Lionfish is a CMMC Registered Provider Organization (RPO) and a CMMC Accredited Practitioner™, so we are able to assist in you with CMMC requirements. As a vet-owned business, we provide guidance and activity-driven models for small businesses that seek to achieve a high standard of cybersecurity excellence through cyber deterrence and resilience. We are working towards a world where all businesses are cyber resilient and are no longer easy targets for cyber-attacks.
CMMC guidelines require DoD contractors to meet mandatory requirements and go through multiple assessments to prove their certification level. Lionfish Cyber Security will assist you in determining the CMMC levels of certification the DoD requires of your company, which all begin with minimal cyber hygiene requirements.
What Exactly is CMMC?
The CMMC model measures cybersecurity maturity with five levels and aligns a set of processes and practices with the information you wish to protect, and possible associated threats. The model consists of maturity processes and cybersecurity best practices from multiple cybersecurity standards, frameworks, and other references. The model encompasses the basic safeguarding requirements for FCI specified in FAR Clause 52.204-21 and the security requirements for CUI specified in NIST SP 800-171 per DFARS Clause 252.204-7012.
Why Was It Created?
DOD will migrate to the new CMMC framework in order to assess and enhance the cybersecurity posture of the Defense Industrial Base (DIB). CMMC is intended to serve as a verification mechanism to ensure appropriate levels of cybersecurity practices and processes are in place to ensure basic cyber hygiene. It will also protect controlled unclassified information (CUI) that resides on the Department’s industry partners’ networks.
Where to Begin…
Below you will find CMMC practices grouped by level and by domain. Each practice contains helpful publicly available cybersecurity resources and clarification from CMMC Model v1.02 Appendix B.
Need guidelines for assessing CMMC practices?
Have questions about NIST 800-171 or CMMC compliance? We are happy to answer any of your questions about our product offerings.