https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/tags/cmmc-2.0/Recent content in CMMC 2.0 onHugo -- gohugo.ioen-USFri, 09 Aug 2024 19:10:09 +0000https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/compliance/cmmc-2/intro-cmmc-2/Fri, 09 Aug 2024 19:10:09 +0000https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/compliance/cmmc-2/intro-cmmc-2/CMMC 2.0, or Cybersecurity Maturity Model Certification, is a cybersecurity framework established by the U.S. Department of Defense (DoD). It aims to ensure that contractors and subcontractors within the Defense Industrial Base (DIB) comply with rigorous cybersecurity standards. CMMC 2.0 replaces the previous CMMC model with a streamlined and updated version that incorporates lessons learned and feedback from industry stakeholders. If you are a contractor, subcontractor, or supplier contracting with the DoD, you will need to meet the requirements of CMMC 2.https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/compliance/cmmc-2/cmmc-2-levels/Fri, 09 Aug 2024 19:10:09 +0000https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/compliance/cmmc-2/cmmc-2-levels/The Cybersecurity Maturity Model Certification (CMMC) 2.0 integrates various cybersecurity standards and best practices into a unified model that encompasses three maturity levels. Each level builds upon the previous one, with increasing rigor in cybersecurity practices and processes. In this article, we’ll provide an overview of the three levels of maturity and example practices that are representative of their requirements. Level 1: Foundational Contractors and subcontractors who handle only Federal Contract Information (FCI) typically need this level of certification.https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/compliance/cmmc-2/cmmc-practices/Fri, 09 Aug 2024 19:10:09 +0000https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/compliance/cmmc-2/cmmc-practices/Cybersecurity Maturity Model Certification (CMMC) 2.0 requires a progressive set of practices. Level 1 has 17 practices. Level 2 includes Level 1 practices plus an additional 110 practices. Level 3 practices include Level 2 practices, plus additional practices that are still being determined. These practices are divided into 14 domains, each of which covers a different aspect of cybersecurity. Wait, you may be wondering. Are “practices” the same as “controls” or “requirements?https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/compliance/cmmc-2/cmmc-chainguard/Fri, 09 Aug 2024 19:10:09 +0000https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/compliance/cmmc-2/cmmc-chainguard/Achieving Cybersecurity Maturity Model Certification (CMMC) 2.0 Level 2 or Level 3 certification can be a complex and resource-intensive process, particularly for organizations managing containerized environments and addressing vulnerabilities. Chainguard simplifies this journey by offering specialized solutions that drastically reduce the time and effort needed to meet compliance requirements. Our FIPS-compliant Federal Information Processing Standard images, combined with detailed SBOM (Software Bill of Materials) and STIG-hardened (Security Technical Implementation Guide) configurations, provide a strong foundation for meeting the requirements of CMMC 2.