Cybersecurity Maturity Model Certification (CMMC)

November 16th, 2020

Cyber security is a chief focus of Domain Technology, especially where national security is concerned.  The CMMC is the Department of Defense’s (DoD) verification mechanism to protect Controlled Unclassified Information (CUI) that resides on Defense Industrial Base (DIB) systems and networks. NIST (National Institute of Standards and Technology) began in September to phase in CMMC for DoD-identified contractors. Eventually, CMMC will be required for all organizations doing business with the DoD at any level. 

Domain Technology has long had its finger on the pulse of the NIST framework. We have had the experience of completing assessments with the NIST Framework for Maturity Models for the FFIEC (Federal Financial Institute Examination Counsel). 

We are excited to share ground-breaking news from NIST: An update has been made to SP 800-53 that will provide the information necessary for organizations to build or improve their security, privacy and supply chain risk management programs.  The implementation of new security and privacy controls to protect both organizations and individuals will continue to function for decades to come.  

NIST has completely renovated structural issues and technical content SP 800-53, Revision 5.  These changes will secure any size organization from any sector. The approach is proactive, systematic, and far-reaching to encompass everything from super computers to IoT devices. The achieved goal is to protect and ensure that all systems and services can be trusted and have the strength and durability to protect the economy and national interests of the United States.  

Below is a list of the most significant changes to SP 800-53 as listed by NIST:  

  • Making controls outcome-based 
  • Consolidating the control catalog 
  • Integrating supply chain risk management. 
  • Separating the control selection process from the controls 
  • Transferring control baselines and tailoring guidance to a separate publication 
  • Improving descriptions of content relationships 
  • Adding new state-of-the-practice controls 

 Domain Technology can assist your organization with the new NIST Framework to achieve Cybersecurity Maturity Model Certification.

For more information, email info@domain-group.com, or call  610 374 7644 Opt 1.