Cybersecurity is in every conversation concerning federal contracting these days. Standards are changing, and with the changes, government contractors will have to be mindful of deadlines and benchmarks over the next three years. For now, the DoD is leading the charge on upgrading regulatory compliance, however, several other agencies are following suit with their own updates to process and procedure regarding the handling of controlled unclassified information (CUI). 

For the layperson, this can seem like a bit of a mess with the lack of consistency across agencies, and an ever-changing environment. To keep you informed, we are chatting with our industry expert on the subject, Fernando Machado, to hash out what we do know to be true, fixed deadlines, and establishing a plan for certification. CMMC isn’t going away, it’s pressing on, and we are here to help you map out your pathway in a reasonable and cost-effective way.

Self Assessment v. Third Party Certification

About Fernando Machado

Fernando Machado is the Managing Principal and Chief Information Security Officer for Cybersec Investments. Cybersec Investments is a Candidate CMMC Third-Party Assessment Organization (C3PAO) helping organizations meet compliance with NIST SP 800-171 security requirements mandated by the Department of Defense for defense contractors. Fernando has over 10 years of experience working with Department of Defense customers and holds top cybersecurity industry certifications.