Cybersecurity Maturity Model Certification (CMMC)

Concord and other New Hampshire Department of Defense (DoD) contractors and subcontractors will soon be required to comply with the new Cybersecurity Maturity Model Certification (CMMC) standard. The new standard is designed to help counteract the significant increase in the compromises of sensitive defense information which is shared across the defense industrial base.

In the past, DoD contractors have been responsible for maintaining certain cybersecurity practices, but under the emerging CMMC requirements contractors must undergo third-party compliance assessments and implement additional security protections. Once implemented contractors and subcontractors will need to be compliant to be awarded contract work.

5 CMMC Maturity Levels (ML)

Phased in over five years, CMMC includes 5 maturity levels based on a New Hampshire DoD contractor’s access to Federal Contract Information (FCI) and Controlled Unclassified Information (CUI).  CMMC ML 1, known as basic cyber hygiene, requires the use of techniques such as antivirus and passwords to control access to FCI. The requirements become more complex reaching Level 5, Optimizing, which requires standardized processes to address Advanced Persistent Threats (APT).

Map of New Hampshire

New Hampshire CMMC Services

Many New Hampshire DoD contractors will need assistance performing initial assessments to uncover issues, establish corrective actions, and chart a path toward CMMC readiness.

The CMMC is complex. ML 3 contains 381 discrete cybersecurity requirements spread among 130 practices, and 310 policy/procedure requirements spread among 51 process maturity requirements. The requirements are complex, and our team has almost 20 years of experience providing cybersecurity compliance services across many complex frameworks such as NIST SP 800-171, NIST SP 800-53, HIPAA, and others. As a CMMC Registered Provider Organization (RPO), our team can help DoD prime and subcontractors with the following:

  • Readiness Assessments and Gap Analyses Against the CMMC Framework
  • Assistance with Remediating Gaps Identified during Readiness Assessment
  • Assistance with NIST SIP 800-171 Self-Assessment that is recorded in the Supplier Performance Risk System
  • Creating System Security Plans (SSP)
  • Creating Plans of Action and Milestones (POA&M)

 

Contact Our CMMC Team

Keiter provides CMMC readiness assessments and remediation services to DoD contractors in Concord and across New Hampshire If you are interested in learning how we can assist your organization, complete the form below and a team member will follow up promptly.

"*" indicates required fields

We'll never share your email with anyone else.
This field is for validation purposes and should be left unchanged.

 

About New Hampshire’s DOD Contractors

The defense contractor industry in New Hampshire is a vital component of the state’s economy and plays a significant role in supporting the national defense infrastructure. With a total of $2.0 billion spent on private sector contracts in 2021, the industry in New Hampshire is a testament to the state’s importance in the broader defense sector. BAE Systems, the largest defense contractor in the state, alone brought in $1.1 billion of this total, emphasizing the scale and impact of its operations. New Hampshire’s defense contractors span a wide range of specializations, from research and development to manufacturing advanced electronic systems and providing critical support services. This diversity not only contributes to the state’s economic resilience but also ensures that the U.S. military has access to cutting-edge technology and reliable equipment. Other major players, such as L3Harris Technologies, Methuen Construction, and Renco Corp., further demonstrate the state’s robust participation in the defense industry, highlighting its strategic importance to national security and defense readiness.

 

Contact Us