Click to chat
  • Solutions
    • Solutions
    • Artificial Intelligence
    • Data Analytics
    • Epicor for Distribution
    • Epicor for Manufacturing
    • IT Support
    • Managed Services
    • Microsoft 365
    • Microsoft Azure
    • Microsoft Licensing Support
    • Security
  • Innovation
    • Innovation
    • AI for Epicor
    • Cybersecurity
    • Data Analytics
    • Epicor in Azure
    • Epicor Kinetic ERP
    • Microsoft 365
    • Microsoft Azure
    • SaaS
  • Helpdesk
  • Resources
    • Resources
      • Resources
      • 2W Conversations
      • News Releases
      • Product Demo’s
      • Quick Tech Talks
      • Webinars
    • Blogs
  • About 2W
    • About Us
    • Contact Us
    • IT News
  • Join the Team
  • Client Login
  • Solutions
    • Solutions
    • Artificial Intelligence
    • Data Analytics
    • Epicor for Distribution
    • Epicor for Manufacturing
    • IT Support
    • Managed Services
    • Microsoft 365
    • Microsoft Azure
    • Microsoft Licensing Support
    • Security
  • Innovation
    • Innovation
    • AI for Epicor
    • Cybersecurity
    • Data Analytics
    • Epicor in Azure
    • Epicor Kinetic ERP
    • Microsoft 365
    • Microsoft Azure
    • SaaS
  • Helpdesk
  • Resources
    • Resources
      • Resources
      • 2W Conversations
      • News Releases
      • Product Demo’s
      • Quick Tech Talks
      • Webinars
    • Blogs
  • About 2W
    • About Us
    • Contact Us
    • IT News
  • Join the Team
  • Client Login
Contact Us
Home / IT News / CMMC is Here – Are You Ready?

CMMC is Here – Are You Ready?

11/13/20
Categories:
  • CMMC
  • Controlled Unclassified Information
  • Cybersecurity compliance program
  • Cybersecurity Maturity Model Certification
  • Cyberthreats
  • Department of Defense
  • NIST

As if 2020 couldn’t throw more at the business industry, there is also a major defense contractor regulation companies must comply with. On Jan. 31, 2020, the U.S. Department of Defense released the first version of the Cybersecurity Maturity Model Certification. Also known as NIST 800-171, CMMC was created to allow companies that had contracts with the Department of Defense to show they were protecting Controlled Unclassified Information (CUI). This information includes personal and confidential data that resided on nonfederal systems that are being operated on behalf of a federal agency. 

Initially, contractors could self-certify that they met the NIST requirements. CMMC version 1 changes that by requiring a third-party assessment of the contractor’s compliance and by mandating that the contractor demonstrate the capability to adapt to evolving cyberthreats against CUI.  

It is estimated that the new CMMC requirement will impact more than 300,000 companies, ranging from large system integrators to SMBs. And each company could be affected differently based on the five tiers that different contractors will have to meet: 

  • Level 1 – This tier covers the basic safeguarding of contractor information systems as listed in FAR Clause 52.204.21.  
  • Level 2 – The builds upon Level 1 by requiring greater cyber hygiene to protect CUI by applying an additional 48 controls from NIST 800-171r1. In fact, Level 2 has an additional 55 practices over Level 1 for a total of 72 practices.  
  • Level 3 – This level requires “good cyber hygiene” to protect CUI. It encompasses all practices from NIST SP 800-171-r1.  
  • Level 4 – This level requires contractors review and measure all their practices along with establishing response procedures to changing techniques and procedures for advanced persistent threats.  
  • Level 5 – This level requires that company meets all previous levels and have a standard process in place for the organization to respond to and defend against advanced persistent threats.  

If you sell or are going to sell to the government, this affects you. There are many steps your business can be taking today to comply with CMMC. You don’t need to go at it alone. Give 2W Tech a call today and let us help your business prepare for the Cybersecurity Maturity Model Certification and give you audit support. 2W Tech is a technology service provider that has a proven track record with our Cybersecurity Compliance Program. 

Read More:

Remote Monitoring and Management Highlights Managed IT Services

Microsoft Teams Users Beware of a Cobalt Strike

Back to IT News

Copyright © 2025, 2W Technologies, Inc.

2W Tech is a leading technology service provider specializing in cutting-edge solutions for the manufacturing and distribution industry, including Epicor ERP, Epicor P21, IT support and infrastructure, Azure cloud services, Microsoft 365, cybersecurity, artificial intelligence, data analytics, and comprehensive managed technology programs.

Epicor in AzureTM and ResolveIQTM are registered trademarks of 2W Technologies, INC.

As an esteemed Epicor Platinum Elite Partner and a Microsoft Tier 1 Cloud Services Partner, we are dedicated to delivering unparalleled service and support. For more information, please contact us at 262-686-5070 or visit our website here.