Cybersecurity Maturity Model Certification(CMMC)

Prepare and understand how the DoD’s new Cybersecurity Model impacts your business

CMMC Registered Provider Organization

Site2 is a Registered Provider Organization authorized by the CMMC Accreditation Body (CMMC-AB) to provide consulting services to DoD contractors and Organizations Seeking Ceritification (OSCs). We have Registered Practitioners (RPs) available on staff to assist and guide you to prepare for a CMMC audit.

Overview

K

The Defense Federal Acquisition Regulation Supplement (DFARS) 252.204.7012 established the National Institute of Standards and Technology’s Special Publication 800-171 Rev.2 (NIST 800-171) as the principle security standards for protecting both Controlled Unclassified Information (CUI) and Covered Defense Information (CDI) associated with Department of Defense (DoD) related contracts.

The Cybersecurity Maturity Model Certification (CMMC) builds upon the existing DFARS 252.204-7012 regulation.  CMMC adds a verification component.  The goal is for CMMC to be cost-effective and affordable for small businesses to implement at the lower CMMC levels.  Site2 helps make that a reality. 

  • Applies to all contractors supporting the Defense Industrial Base (DIB)
  • Learn how Site2 can assist with with the process controls and practices
  • Comply before your audit

 

Site2 has CMMC Registered Practitioners to guide you through the implementation process.   

 

  • Gap Analysis & Basic Self-Assessments
  • Plan of Actions and Milestones (POAM)
  • System Security Plan (SSP)
  • Policies and Processes

Cyberconverged Storage — meets 19 of the 110 NIST 800-171 controls

  • Secures CUI files
  • Audit Logging
  • Access Control 
  • SIEM integration 

CMMC Consultation

K

Start by scheduling a consultation with one of our CMMC Registered Practionion to get expert advice based on your unique needs. We can help cut through the confusion of NIST and CMMC to figure out the next steps for your business.

NIST Assessment | SPRS

K

As of November 30, 2020 all government contractors who sell into the DoD must be fully DFARS and NIST compliant. Get NIST certified quickly and submit your score to SPRS so you don’t miss out on new contracts!

System Security Plan 

K

Do you have an SSP in place? Does it need updating? The SSP should accurately reflect your actual implementation of the controls or practices. A current and valid SSP is a critical requirement that can’t be overlooked for your audit.

Plan of Action & Milestones (POAM)

K

You are required to document how you plan to correct deficiencies and reduce or eliminate vulnerabilities in your system. The POAM will expose how many of the 110 security requirements will need to be fully implemented.

Remediation & Implementation

K

Executing your POAM and achieving full compliance is a full-time effort. However, completing the POAM and implementing your remediation plan will ensure compliance with NIST and ensure you are prepared for CMMC.

Maintaining Compliance

K

Often overlooked, maintaining compliance with DoD security standards can be a complex undertaking, and requires a documented plan and structured daily  activities. We’ll help you determine the resources you’ll need to properly maintain compliance.

Schedule a call with our experts.

Clarks Summit Office

200 Abington Executive Park
Suite 207
Clarks Summit, PA 18411
570-558-5660

4 + 9 =

Latest Updates

Site2 Sponsors and Exhibits at MFG Day 2023

The Northeast PA Industrial Resource Center (NEPIRC) held their annual Manufacturer's Day on Friday, October 13, 2023 at the Mohegan Sun Hotel and Convention Center in Wilkes Barre, PA. Site2 was once again a proud sponsor and exhibitor. This was NEPIRC's most well...

read more

Cybersecurity Webinar 102

This is the second installment of our two part Cybersecurity webinar series in partnership with NEPIRC. We take a deeper dive into the nuances of the NIST 800-171 r2 and CMMC 2.0 requirements. This cybersecurity framework and regulation respectively have manufacturers...

read more