Determine the cyber security state of your business processes. SteelToad is currently leading our clients in diagnosing cyber security gaps and processes by conducting (1) Self-assessments; and (2) Gap Analysis’. Both of these techniques allow businesses to identify and pinpoint our client’s missing security processes and components. SteelToad has robust experience, working with maturity models for over 10 years, as CMMI appraisers, instructors and consultants.
The Cybersecurity Maturity Model Certification (CMMC) is the newest Cyber model initiated by the Department of Defense (DoD), the Office of the Under Secretary of Defense for Acquisition and Sustainment. This Cyber certification becomes the Department’s requirement for contractors. The goal of the CMMC is to protect the supply chain across the Defense Industrial Base (DIB). The DIB supply chain includes more than 300,000 companies, all of which are responsible for protecting controlled information under the CMMC.
CMMC is a maturity model. The Cybersecurity Maturity Model is an integrated model of best practices that enable the Defense Industrial Base (DIB) to improve cyber performance, by improving their cyber processes. The maturity derives with the implementation of Levels (1-5), to aid in understanding and adoption, and provides a path for the company’s overall cyber performance improvement.
The following levels have been defined by the DOD, as CMMC best practices standards:
Defined: Basic Cyber Hygiene
Quantity of practices addressed: 17 practices
Level 1 of CMMC addresses the protection of Federal Contract Information (FCI) and encompasses the basic safeguarding requirements for FCI specified in Federal Acquisition Regulation (FAR) Clause 52.204-21. CMMC Level 1 is focused on protecting 17 practice areas over six (six) domains, including identification, authorization, access control, media protection standards, physical protection, system and information integrity and system and communications protection.