The CMMC Program


To protect American ingenuity and national security information, the Department of Defense (DoD) developed the Cybersecurity Maturity Model Certification (CMMC) 2.0 program to reinforce the importance of Defense Industrial Base (DIB) cybersecurity for safeguarding the information that supports and enables our warfighters.

Once CMMC 2.0 is implemented, contractors will be required to obtain a third-party CMMC Level 2 assessment for a subset of acquisitions that involve information critical to national security. DIB companies will be fully responsible for obtaining the needed assessment and certification, to include coordinating and planning the CMMC assessment.

CMMC Certification Services

Authorized C3PAO

The DoD has approved voluntary NIST 800-171 (CMMC level 2) assessments through the Joint Surveillance Voluntary Assessment Program.

As an Authorized CMMC 3rd Party Assessment Organization (C3PAO), Cybersec Investments is authorized to conduct NIST 800-171 (CMMC Level 2) assessments through the DoD’s Joint Surveillance Voluntary Assessment Program (JSVA). 

To read more about the DoD’s Joint Surveillance Voluntary Assessment Program (JSVA), check out this article from FEDSCOOP.

We also offer 3rd Party Letters of Attestation for both FAR 52.204-21 and NIST 800-171**

CMMC Readiness Review

Not sure if you are ready for your CMMC assessment? Let us evaluate your organization prior to your CMMC assessment.

CMMC Advisory Services

Authorized C3PAO

Our team can help your organization get ready for your NIST 800-171/CMMC Level 2 or FAR 52.204-21/CMMC Level 1 Assessment.  We offer the following services: 

  • Gap assessment – Evaluating your current state of DFARS 252.204-7012 and NIST 800-171 (CMMC Level 2) requirements.
  • Remediation Planning – Assistance in resolving identified existing gaps.
  • Documentation – Assistance with developing policies, procedures, plans, etc. as part of your DFARS 252.204-7012 and NIST 800-171 (CMMC Level 2) compliance journey.
Scroll to top