CMMC 2.0 (Cybersecurity Maturity Model Certification Level 2) is a Department of Defense (DoD) framework that applies to DoD contractors. This article provides an overview of CMMC and information on how XQ can help to prepare you for CMMC.
Overview
The Department of Defense (DoD) has created CMMC Level 2, a program to enhance supply chain security and defend against cyberattacks. By 2025, this framework will be mandatory for all contractors within the Defense Industrial Base (DIB).
To receive the CMMC Level 2 Certification, contractors must follow 110 security requirements specified in NIST SP 800-171 Revision 2 and comply with DFARS Clause 252.204-7012. This certification focuses on safeguarding controlled unclassified information (CUI). Contractors must pass a CMMC Third-Party Assessment Organization assessment every 3 years to prove to the DoD their ability to secure CUI based on its risk throughout the supply chain.
The CMMC Level 2 requirements are divided into 14 domains and 110 practices, with 320 assessment objectives in total. These practices involve both technical and non-technical controls, policies, and procedures to ensure ongoing CUI security. These practices include the use of FIPS-validated cryptography and having a System Security Plan (SSP) in place. The complete list of required practices can be found in the CMMC Level 2 Assessment Guide.
XQ and CMMC
XQ’s products cover NIST security requirements and facilitate CMMC practices and processes that protect CUI. XQ helps streamline your organization’s preparations for CMMC by protecting CUI from unauthorized access throughout its lifecycle and providing auditable event logs of all communications.
XQ helps to prepare you to meet CMMC Level 2 requirements in the following ways:
- Protect unauthorized CUI access in Gmail and Outlook with XQ Encrypted Email.
- Protect cloud data, including files, from access internally and by external primes, subcontractors, agencies, and other mission partners with XQ Vault.
- Support remote workers and distributed teams throughout supply chain collaboration workflows.
For more information on using XQ to prepare for CMMC or to schedule a demo, see our CMMC compliance page.
Get Started
See our CMMC 2.0 Onboarding and Installation guide to get started.
For more information on CMMC, view the following XQ blog posts: