Your Top Five Cyber Risks in Five Clicks with the Free Cyber Risk Analysis

FREE RISK ANALYSIS
Request Demo

Securing Controlled Unclassified Information

Protecting and securing Controlled Unclassified Information (CUI) throughout the DoD supply chain is the ultimate goal of the Defense Federal Acquisition Regulation Supplement (DFARS).

SECURING CONTROLLED UNCLASSIFIED INFORMATION

All organizations that process, store, or transmit CUI will need to undergo Cybersecurity Maturity Model Certification (CMCC) in order to validate their cybersecurity practices and prove protection for controlled unclassified information.

Different levels of the CMMC security requirements and levels include more advanced practices to reduce cybersecurity risk as more CUI is present or the further up the DoD supply chain the contractor goes, denoting a higher certification level requirement.

Leading DoD contractors are choosing CyberStrong to protect and secure controlled unclassified information and to prepare for the Cybersecurity Maturity Model Certification (CMMC).

CMMC Certification Levels

The requirements for CMMC certification depend on the level of certification.

Here is a short explanation of the certification levels, with each level building upon the previous level’s requirement. For example, to complete Level 2, you will need to have completed all the requirements of Level 1 plus additional requirements.

Level 1: Basic Cyber Hygiene  DoD service providers who prefer to pass an examination at this level should execute 7 controls of NIST 800-171 rev1.
Level 2: Good Cyber Hygiene To accomplish level 3 certification, the last 45 controls of NIST 800-171 Rev1 and 13 new "Other" controls need to be carried out.
Level 3: Good Cyber Hygiene To accomplish level 3 certification, the last 45 controls of NIST 800-171 Rev1 and 13 new "Other" controls need to be carried out.
Level 4: Proactive Cybersecurity Along with controls from levels 1 through 3, 11 additional controls of NIST 800-171 Rev2 plus 15 new "Other" controls are required.
Level 4: Advanced/ Progressive Cybersecurity For the maximum level, DoD specialists must carry out the last four controls in NIST 800-171 Rev2 together with 11 new "Other" controls.

 

Learn more about CyberStrong

Download the Solution Sheet

Download the CyberStrong Solution Sheet