Who Needs CMMC Certification?

Any business and/or organization within the US Department of Defense (DoD) supply chain—including prime contractors and subcontractors—will be required to achieve at least one of the levels of CMMC compliance. According to the DoD, CMMC compliance regulations will apply to over 300,000 different organizations.

When CMMC 2.0 is implemented, self-assessments, based on the CMMC level assigned, will be required on an annual basis. Contractors are also required to safeguard information by inclusion of contract clauses including FAR 52.204-21 (for FCI) or DFARS 252.204-7012 (for CUI).

About Critical Insight

Critical Insight is the only cybersecurity-as-a-service provider that prepares, monitors and responds to cyber threats, going beyond SOC-as-a-service offerings typical of Managed Detection and Response (MDR) offerings.

With a focus on organizations that deliver critical services – hospitals, local governments, utilities, school systems, and more – we provide end-to-end support to those with limited security teams or budgets to handle threats proactively and as they occur.

Based in Bremerton and Seattle, Washington, Critical Insight is a venture-backed company founded by former CISOs in the public sector. We are committed to training new analysts and providing the most up-to-date cybersecurity protection.

Learn about us →

Check out our Security Awareness Trainings

In these 60-minute sessions, you’ll learn how to spot the links to avoid, you’ll learn how ransomware really works, and you’ll come away with some pretty good stories to tell. This won’t be one of those boring trainings, we promise.