Many area businesses, organizations, and municipalities trust AGJ for their cybersecurity plan. Our team of experts at developing and managing information security and privacy management systems that comply with government and industry regulations such as NIST, DFAS, PCI, SSAE-16, HIPAA and now CMMC.
Organizations that process sensitive government data (whether directly or as a sub-contractor in the supply chain) have only been required to “self-attest” to their conformance with relevant DFARS/NIST SP 800-171 guidance… until now.
As evidenced by the recent and notable breaches of critical government information, the self-attestation approach has not provided optimal results. This has driven the U.S. Department of Defense (DOD) and other government agencies to mandate a higher level of attestation; the Cybersecurity Maturity Model Certification (CMMC).
CMMC certification will become a non-negotiable requirement to bid on DoD RFPs and/or have a contract awarded. For many SMBs impacted by the CMMC, DoD contracts make up a substantial percentage of their revenue—making CMMC certification a “must do” proposition.