CMMC Preparation

Implementation of CMMC controls is not an overnight fix. It can take 4 months to a year to implement everything needed to schedule your official assessment with a C3PAO!

Preparing for your CMMC Assessment is not just implementation of toolsets to meet controls. A large part of the assessment deals with policies, procedures and how your business deals with CUI and FCI. You’re busy running your business and may not have time to learn all of the ins and outs of CMMC, attend all of the town hall meetings and stay abreast of all the enhancements in the standard. This is why you assistance from Summit!  Our CMMC consultants are well versed, trained and authorized by the AB to assist OSCs in their preparation for their official assessment.

 

I’m not part of the Defense industryshould I care? 

For now obtaining and maintaining a CMMC certification is only a requirement for Defense contractors, but many within the industry expect limitation to not last long.  Currently, CMMC level requirements will begin to be listed in Defense RFIs and RFPs as early as September, at a minimum firms will most likely be required to obtain a level 1 certification as they will be dealing with FCI or Federal Contract Information.   

Up until recently the discussion about a broader Federal rollout was considered an eventual or 10 year timeline.  That, however, has changed.   We are now seeing the CMMC language in other federal contracts including the most recent GSA STARS III contract.  The new contract from GSA states it “reserves the right” to require CMMC certifications for small businesses awarded spots on the governmentwide IT contracting vehicle and “While CMMC is currently a DoD requirement, it may also have utility as a baseline for civilian acquisitions; so it is vital that contractors wishing to do business on 8(a) STARS III monitor, prepare for and participate in acquiring CMMC certification,” 

Echoed and applauded by numerous members of the CMMC program team including Ty Schreiber and Katie Arrington and others within the Cyber Security world.  Many are hopeful that CMMC could not only become the gold standard in working on and bidding on government contracts, but also CMMC could be viewed as an international standard or a requirement for cyber insurance.  Should the later hold true, maintaining a CMMC level will not only affect those within the government contracting world attempting to win federal contracts, but also non-government contracts as well.   

 

What do I need I do now? 

In relation to CMMC the short answer is no you do not need to do anything…. for now.  The CMMC requirements only effect the defense base and its cyber security teams.  However, that doesn’t mean you should turn a blind eye to this either. 

With a rise of cybercrime and system attacks during the pandemic and a shift to a more remote and cloud-based work force, establishing a more robust cyber security infrastructure is more important now than ever before.  According to the FBI’s Internet Cyber Complaint Center (IC3) 2019 report, in 201the total losses in the United States from cybercrime were $2.8 Billion and are expected to reach $6 Trillion annually by 2021 across the global.   

With the average loss to a company of $2.7 Million that same year, properly securing your infrastructure client data and intellectual property against a malicious attack could save your company millions in losses.   

 

How can Summit Help? 

At Summit Business Technologies our team utilizes our 30+ years of experience to assist you in securing your company data.  Our team of cyber security team will  walk through a cyber security assessment and provide you with the necessary plan of action and milestones you will need to complete to remediate any gaps in your infrastructure.  In addition to the planning and assessment, our team can provide you with the right technology tools, policies and procedures should you need assistance in completing those items in your POAM. 

If you would like to know more about our security team offerings contact us at sales@summitbiztech.com or give us a call at 443-795-5112. 

 

Secure your CMMC preparation today. Send us a message to get in touch.