If you’re one of the more than 300,000 companies in the defense industrial base’s (DIB) supply chain, you’re probably familiar with the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC). If not, here’s a quick definition courtesy of the Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD(A&S)): “The CMMC is a framework that includes a comprehensive and scalable certification element to verify the implementation of processes and practices associated with the achievement of a cybersecurity maturity level."
In November 2021, the DoD revealed their streamlined CMMC 2.0 Model with three certification levels across 14 security domains:
| The 14 CMMC Domains: |
|
| Access Control |
Media Protectiom |
| Audit & Accountability |
Personnel Security |
| Awareness & Training |
Physical Protection |
| Configuration Management |
Risk Management |
| Identification & Authentication |
Security Assessment |
| Incident Response |
System & Communications Protections |
| Maintenance |
System & Information Integrity |
How Avalon Cyber Can Help
Through our proactive cybersecurity services, Avalon Cyber can assist with several of the capabilities within the 14 domains required by the Department of Defense.
Services compatible with Levels 1, 2 & 3:
- Managed Detection & Response Avalon Cyber’s KnightVision MDR service is a robust endpoint monitoring solution that screens malicious behavior at the endpoint level, allowing our team of experts to alert you and take immediate action to shut down a potential threat.
- Digital Forensics & Incident Response (DFIR) Our experts have extensive experience in digital forensics and cybercrime remediation that enables a prompt and comprehensive response to cyberattacks. We know where to find critical electronic evidence, and how to obtain, recover, and analyze or sanitize it using today’s most sophisticated technology and forensic software.
- Virtual CISO (vCISO) We partner with experienced, practicing CISOs to work with you and your management team, board, and additional stakeholders to develop the strategic vision, resources, and protocols for an appropriately sized, measured, and effective security program.
Services compatible with Levels 2 & 3:
- SIEM/SOC Avalon Cyber developed KnightVision CAM (Compliance, Alerting, Monitoring), our customizable, scalable – and affordable – solution to address cybersecurity challenges, including regulatory compliance and threat alerting and monitoring.
- Vulnerability Assessments Avalon Cyber’s expert engineers conduct internal and/or external vulnerability scans to identify risks in your company’s environment.
- Penetration Testing Our cybersecurity professionals safely simulate the actions of a cybercriminal targeting your network and attempt to exploit critical systems to access sensitive data.
- Phishing Simulation & Training We offer an innovative program that allows your security team to launch simulated phishing attacks and run comprehensive security awareness training campaigns to help educate your employees and stakeholders.
To learn more or to schedule a CMMC service consultation, contact the experts at Avalon Cyber today.