CMMC

Are You CMMC Certified?

Summit Business Technologies can help structure a framework for success, or enhance an existing CMMC analysis. For assessment needs, Summit demonstrates a thorough mapping of the solid foundation needed for true compliance.

Our 3 Step Process for CMMC:

1. Assessment, SSP, & PO&AM

Assessing your existing network and policies, we examine and overlay the required controls of NIST 800-171 for comparison. A System Security Plan (SSP) is established in tandem with a Plan-of-Action and Milestones (POAM), strategizing and documenting your journey towards compliance.  

2. Remediation

We will integrate the necessary security measures, as outlined in the POAM, to bring your existing framework up to par. The complexity of this process varies, depending on the state of the network infrastructure.

3. Monitoring

Finally, the data will be measured against the regulatory output, updated with each new iteration. A multitude of subscription models are available.

Who’s Affected :

Aerospace
Government
Manufacturing
Construction

Our 3 Step Process

1. Assessment, SSP, & PO&AM

We perform a detailed assessment of your current network and compare it with the cyber security controls required in NIST 800-171. We prepare a System Security Plan (SSP) & Plan-of-Action & Milestones (PO&AM) providing documented evidence to the DoD or your Prime that you’re on your way towards compliance.

2. Remediation

In this step, the items called out in the Plan-of-Action & Milestone (PO&AM) are addressed. Depending on the current state of your IT systems, this can be as simple as implementing multi-factor authentication and security awareness training or as complex as refreshing an entire aging infrastructure.

3. Monitoring

Using existing analytical platforms, we interrupt ongoing client data in real-time against the ever-evolving compliance regulatory output. Subscription models vary with flexible and expansive options available.

Who’s Affected :

Aerospace
Government
Manufacturing
Construction

Other CMMC Resources:

CMMC 2.0

CMMC 2.0

CMMC 2.0 What are the changes to CMMC In January of 2020, the DoD issued a new standard that the Defense Industrial Base (DIB) needed to adhere to be eligible

Read More »

C3PAO for CMMC

We have been talking with CMMC maturity Level 1 and Level 3 seekers for months now, and one thing we keep hearing is, “I am looking for a C3PAO to

Read More »

CMMC: The Journey So Far

Let the Games Begin After its announcement in January 2020, we have been anxiously awaiting more information on the implementation of the CMMC standard. Summit Business Technology has been on

Read More »

MD Cybersecurity Tax Credit

Summit is a Qualified Cybersecurity Seller, vetted and certified by the State of Maryland to provide businesses with fewer than 50 employees cost-effective security controls eligible for state income tax credits. The 50% tax credit effectively cuts the cost of cybersecurity protection by half. For eligible businesses, it’s a tremendous incentive to take essential steps to reduce risk at a far more affordable cost. Contact us for an overview.