Note: Important Change as of November 2021
The Department of Defense announced a major overhaul to the Cybersecurity Maturity Model Certification (CMMC) program. No new contracts will feature CMMC compliance requirements until the Department completes its rulemaking process for CMMC 2.0. Read our summary of the changes, Goodbye CMMC 1.0, Hello CMMC 2.0. For more detailed information, visit the CMMC website.

Keiter’s Cybersecurity team will continue to monitor the rollout of the CMMC program and update you on new information and changing requirements for DoD contractors.

CMMC Compliance

Fairfax, Newport News, and Virginia Department of Defense (DoD) contractors and subcontractors will soon be required to comply with the new Cybersecurity Maturity Model Certification (CMMC) standard. The new standard is designed to help counteract the significant increase in the compromises of sensitive defense information which is shared across the defense industrial base. In the past, DoD contractors have been responsible for maintaining certain cybersecurity practices, but under CMMC new requirements are added such as third-party assessments of compliance coupled with more robust protections. All DoD contractors will need to be compliant with CMMC to continue doing business with the DoD.

5 Levels of CMMC

Phased in over a five-year period, CMMC includes 5 maturity levels based on a Virginia DoD contractor’s access to Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). The first maturity level known as basic cyber hygiene requires the use of antivirus and passwords to control FCI. The requirements become more complex reaching a pinnacle with Level 5, Optimizing, which requires standardized processes to address Advanced Persistent Threats (APT).

Virginia Top DoD Spending Locations


Newport News CMMC Services

Many Newport News DoD contractors need assistance performing initial assessments to uncover issues and establish corrective actions. Our team has almost 20 years of experience providing cybersecurity on major frameworks such as NIST SP 800-171, NIST SP 800-53, HIPAA, and others. As CMMC RPO, our team can help DoD prime and subcontractors with the following:

  • Readiness Assessments and Gap Analyses Against the CMMC Framework
  • Assistance with Remediating Gaps Identified during Readiness Assessment
  • Assistance with NIST SIP 800-171 Self-Assessment that is recorded in Supplier Performance Risk System
About Fairfax (VA)

Fairfax, Virginia, located in the northern part of the state, is a vibrant and diverse community with a rich history and a strong sense of community. As part of the Washington, D.C. metropolitan area, Fairfax combines the charm of a historic town with the amenities and opportunities of a modern city. Here’s a narrative about Fairfax, VA:

Nestled in the heart of Northern Virginia, Fairfax invites visitors to explore its unique blend of history, culture, and contemporary living. From its roots as a colonial settlement to its present-day status as a bustling suburban community, the city’s story is one of resilience, growth, and a commitment to preserving its heritage.

Fairfax’s history is deeply intertwined with the birth of the United States. The city was named after Thomas Fairfax, 6th Lord Fairfax of Cameron, a prominent figure during the colonial era. The historic Fairfax Courthouse, built in 1800, stands as a testament to the city’s rich past and is a reminder of its role in shaping the nation’s history.

Contact Our CMMC Team

Keiter provides CMMC readiness assessments and remediation services to DoD contractors across Virginia including Northern Virginia, Tidewater, and Central Virginia. If you are interested in learning how we can assist your organization, complete the form below and a team member will follow up promptly.

"*" indicates required fields

We'll never share your email with anyone else.
This field is for validation purposes and should be left unchanged.


Contact Us