Latest news with #ControlledUnclassifiedInformation
Malaysian Reserve
24-07-2025
- Business
- Malaysian Reserve
GRS Technology Solutions Achieves CMMC Level 2 Certification with A-LIGN, Reinforcing Its Role as a Trusted Partner for Federal Cybersecurity Compliance
WASHINGTON, July 24, 2025 /PRNewswire/ — GRS Technology Solutions, a trusted IT, cybersecurity, and compliance provider dedicated to protecting federal contractors and their missions, proudly announces that it has successfully achieved Cybersecurity Maturity Model Certification (CMMC) Level 2, following a rigorous third-party assessment conducted by A-LIGN, a leading C3PAO. This significant milestone positions GRS among a select group of Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) certified to meet the Department of Defense's cybersecurity requirements for handling Controlled Unclassified Information (CUI). The certification reflects GRS's commitment to implementing mature, repeatable security practices that meet the 110 controls outlined in NIST SP 800-171 Rev 2. GRS is also a Registered Provider Organization (RPO), recognized by the Cyber AB for its ability to deliver consulting services aligned with the CMMC framework. 'We've always prioritized security and compliance internally and for our clients. Achieving CMMC Level 2 is a testament to the systems, processes, and culture of cybersecurity we've built over the years,' said Larry Burbano, CEO of GRS. 'This certification not only reinforces our credibility, but it also enables us to better support federal contractors who are navigating their own CMMC journey.' Throughout this journey, we put in countless late nights to develop a detailed Customer Responsibility Matrix (CRM) that clearly outlines ownership and responsibility for each assessment objective. It's designed to ensure mutual accountability. Our clients can hold us accountable, and we can do the same in return. What This Means for Clients: End-to-End Confidence: GRS applies the same high standards of security and compliance to your environment as we do to our own – whether you're using Windows or macOS systems. Certified Expertise: With Certified CMMC Assessors (CCAs) and Certified CMMC Professionals (CCPs) on staff, GRS brings deep, in-house expertise to every stage of your compliance journey. From gap assessments and remediation to full audit readiness. We don't just prepare you for the assessment; we sit at the table and represent you when it matters most. Ownership: We take full ownership of the CMMC journey alongside our clients. From advising and implementing to managing and supporting each control and assessment objective, we move with purpose – and expect you to keep pace. Think of us as your personal CMMC trainer, keeping you on track every step of the way. A Competitive Edge for Clients: Partnering with a CMMC-certified MSP/MSSP gives federal contractors a clear advantage in achieving CMMC compliance and strengthening their position to win federal contracts. About GRS Technology Solutions: GRS Technology Solutions isn't your typical Managed Service Provider (MSP) and Managed Security Service Provider (MSSP). We're built differently. We are a team of A+ players driven by a clear mission: to deliver excellence without compromise. At GRS, mediocrity has no place. We don't chase volume; we focus on impact. Our clients are federal contractors who demand precision, reliability, and results, and that's exactly what we deliver. With years of proven experience and deep expertise in the Defense Industrial Base, we provide fully managed IT services, cutting-edge FedRAMP-approved cybersecurity solutions, and hands-on CMMC implementation support. If you're looking for a partner who plays at the highest level, you've just found one. Whether you're preparing for CMMC L1/L2, facing a DIBCAC audit, navigating DFARS and NIST 800-171 requirements, or modernizing legacy systems, GRS is the trusted partner devoted to protecting your mission, your data, and your future. For more information visit
Associated Press
16-07-2025
- Business
- Associated Press
By Light Achieves CMMC-Level 2 Certification
- By Light Achieves CMMC Level 2 Certification, Strengthening Commitment to Cybersecurity for DoD and Federal Customers - MCLEAN, Va., July 16, 2025 (SEND2PRESS NEWSWIRE) — By Light Professional IT Services LLC (By Light) is proud to announce that it has been officially appraised at Cybersecurity Maturity Model Certification (CMMC) Level 2, demonstrating the company's deep commitment to safeguarding Controlled Unclassified Information (CUI) and meeting the cybersecurity requirements of the U.S. Department of Defense (DoD). CMMC Level 2 represents a critical milestone for defense contractors, requiring the implementation of 110 security practices aligned with the National Institute of Standards and Technology (NIST) SP 800-171. By Light's successful appraisal underscores its operational readiness and adherence to stringent security standards across its internal systems, processes, and partner networks. This certification further positions By Light as a trusted provider of secure digital transformation services for the federal government, including cyber operations, DevSecOps, and Zero Trust implementations. The CMMC Level 2 appraisal was conducted by a CMMC Third Party Assessor Organization (C3PAO) and is valid for three years. By Light continues to invest in comprehensive cybersecurity governance across its classified and unclassified offerings and remains committed to continuous improvement as CMMC evolves in future phases. About By Light: By Light Professional IT Services LLC is an ISO 9001, 20000-1, and 27001 registered and CMMI-Dev Level 3 rated systems engineering company that provides secure turnkey systems by incorporating exceptional engineering, project management, telecommunications, and cyber capabilities to safeguard mission success. Founded by industry professionals with extensive knowledge in DoD, DISA, and other U.S. Government agencies, By Light successfully implements technical solutions that integrate commercial best practices to meet the needs of the government. For more information, visit LOGO link for media: NEWS SOURCE: By Light Professional IT Services Keywords: Cyber Security and Infosec, By Light Professional IT Services LLC, DoD and Federal Customers, Cybersecurity Maturity Model Certification CMMC, Military, Defense, Government, Armed Forces, MCLEAN, Va. This press release was issued on behalf of the news source (By Light Professional IT Services) who is solely responsibile for its accuracy, by Send2Press® Newswire. Information is believed accurate but not guaranteed. Story ID: S2P127758 APNF0325A To view the original version, visit: © 2025 Send2Press® Newswire, a press release distribution service, Calif., USA. RIGHTS GRANTED FOR REPRODUCTION IN WHOLE OR IN PART BY ANY LEGITIMATE MEDIA OUTLET - SUCH AS NEWSPAPER, BROADCAST OR TRADE PERIODICAL. MAY NOT BE USED ON ANY NON-MEDIA WEBSITE PROMOTING PR OR MARKETING SERVICES OR CONTENT DEVELOPMENT. Disclaimer: This press release content was not created by nor issued by the Associated Press (AP). Content below is unrelated to this news story.
Business Wire
16-07-2025
- Business
- Business Wire
Kimmell Cybersecurity Achieves CMMC Level 2 Certification for MSP and MSSP Services, Strengthening Cybersecurity for DoD Contractors
AKRON, Ohio--(BUSINESS WIRE)--Kimmell Cybersecurity, a CMMC Certified Third-Party Assessment Organization (C3PAO), is proud to announce it has successfully achieved CMMC Level 2 certification for its Managed Service Provider (MSP) and Managed Security Service Provider (MSSP) offerings. This accomplishment makes Kimmell Cybersecurity one of the few C3PAOs to both assess and provide services at CMMC Level 2—providing a fully compliant service environment for contractors in the Defense Industrial Base (DIB). Kimmell Cybersecurity - MSP / MSSP meets DOD's stringent CMMC security requirements achieving CMMC Level 2 certification. This certification is especially significant for Department of Defense (DoD) contractors handling Controlled Unclassified Information (CUI), as it ensures Kimmell Cybersecurity's managed services meet the same rigorous standards required of their clients under the NIST SP 800-171 Rev 2 framework. 'For DoD contractors navigating the complexities of CMMC compliance, this certification proves that our team practices exactly what we assess,' said Brett Kimmell, Managing Member at Kimmell Cybersecurity. 'We understand contractor's unique challenges and offer managed services that are not only compliant but tested to the highest federal standards.' The independent third-party assessment verified that Kimmell Cybersecurity has implemented and maintains all security practices required for CMMC Level 2 certification—strengthening the company's position as a trusted cybersecurity partner for contractors building the future of U.S. defense. With this milestone, DoD contractors and subcontractors can rely on Kimmell Cybersecurity for expert CMMC assessments, consulting, and Level 2-certified managed services that directly support compliance readiness. To learn more email cmmc@ or contact Erik Bennett 330-762-5143 or ebennett@ About Kimmell Cybersecurity Kimmell Cybersecurity is a leading CMMC C3PAO, delivering certified cybersecurity assessments, advisory, and fully managed services tailored to DoD manufacturers and contractors. With deep experience in defense compliance, Kimmell helps organizations secure their systems, safeguard CUI, and achieve CMMC certification with confidence.
Yahoo
11-07-2025
- Business
- Yahoo
Why CMMC is Essential for DoD Contractors: Cybersecurity Compliance Insights Released by Info-Tech Research Group
With increasing cyber threats targeting the defense supply chain, Cybersecurity Maturity Model Certification (CMMC) compliance is now a critical factor for contract eligibility. Info-Tech Research Group's blueprint equips contractors and subcontractors with practical strategies to meet evolving cybersecurity standards and safeguard sensitive information. TORONTO, July 11, 2025 /PRNewswire/ - A growing wave of cyberthreats targeting defense contractors has underscored the need for a consistent and enforceable framework to safeguard Controlled Unclassified Information (CUI) and strengthen the resilience of the defense supply chain. Global research and advisory firm, Info-Tech Research Group, has published insights and guidance on the situation in a new resource, Achieve CMMC Compliance Effectively. While the CMMC aims to provide exactly that, many contractors continue to face significant roadblocks in achieving compliance. Legacy systems, limited internal expertise, evolving requirements, and high implementation costs are just some of the challenges slowing down progress. The firm's research-based resource offers a focused and practical approach to compliance to help contractors navigate these issues by equipping defense organizations with the tools needed to meet certification requirements and maintain eligibility for Department of Defense (DoD) contracts. Info-Tech's blueprint makes it clear that CMMC applies to all prime and subcontractors working with the DoD. The framework is critical for protecting both Federal Contract Information (FCI) and CUI, which are often shared across multiple tiers of suppliers and service providers. However, a significant number of organizations continue to face challenges meeting these requirements, often due to system integration and data flow issues, which are further complicated by confusion around evolving compliance expectations. "Not providing the required level of assessment or certification to the DoD puts organizations at risk of losing eligibility to bid on or be awarded defense contracts," says Safayat Moahamad, research director at Info-Tech Research Group. "More importantly, organizations that proactively invest in cybersecurity resilience gain a competitive advantage by strengthening their ability to bid on DoD contracts and demonstrating trustworthiness in handling sensitive defense data." Info-Tech's insights published in the resource highlight that Organizations Seeking Certification (OSCs), and Organizations Seeking Assessment (OSAs), must choose their target compliance level and implement the corresponding controls. The certification level required for specific contracts will be stated in each DoD solicitation. This means contractors must be proactive and align their security practices with anticipated contract demands. Understanding the CMMC Levels To support this effort, Info-Tech's Achieve CMMC Compliance Effectively blueprint outlines four key CMMC levels, each designed to match the type and sensitivity of data a contractor handles: Level 1: Foundational (Self-Assessed) - For contractors handling Federal Contract Information (FCI). Requires full implementation of 15 basic security controls and annual self-affirmation. Conditional status is not permitted at this level. Level 2: Advanced (Self-Assessed) - Designed for contractors handling Controlled Unclassified Information (CUI). Level 2 requires the implementation of 110 controls from NIST SP 800-171. Organizations must score at least 80% and close any remediation items within 180 days, and complete annual affirmation and reassessment every three years. Level 2: Advanced (Third-Party Assessed) - Similar to the self-assessed Level 2, but compliance is verified by an accredited third-party assessor (C3PAO). This level is required for some contracts, depending on Department of Defense (DoD) solicitation terms. Level 3: Expert (Government Assessed) - Level 3 is for organizations supporting critical defense programs. It requires a Level 2 C3PAO certification. In addition, 24 controls from NIST SP 800-172 must be assessed by the Defense Industrial Base Cybersecurity Assessment Center (DIBCAC). "By addressing the challenges of CMMC compliance early and with purpose, organizations can move beyond simply checking boxes," explains Moahamad. "In a competitive defense landscape, effective compliance is not just a requirement; it is a key differentiator." For exclusive and timely commentary from Safayat Moahamad, an expert in privacy, legal, and compliance fields, and access to the complete Achieve CMMC Compliance Effectively blueprint, please contact pr@ About Info-Tech Research GroupInfo-Tech Research Group is one of the world's leading research and advisory firms, serving over 30,000 IT and HR professionals. The company produces unbiased, highly relevant research and provides advisory services to help leaders make strategic, timely, and well-informed decisions. For nearly 30 years, Info-Tech has partnered closely with teams to provide them with everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations. To learn more about Info-Tech's divisions, visit McLean & Company for HR research and advisory services and SoftwareReviews for software buying insights. Media professionals can register for unrestricted access to research across IT, HR, and software and hundreds of industry analysts through the firm's Media Insiders program. To gain access, contact pr@ For information about Info-Tech Research Group or to access the latest research, visit and connect via LinkedIn and X. View original content to download multimedia: SOURCE Info-Tech Research Group
Associated Press
08-07-2025
- Business
- Associated Press
Whitaker Brothers Introduces the Ultimate Data Destruction Solution: The Datastroyer DCS 36/7 High Security COMBO Paper, CD, DVD, and Blu-ray Shredder
Rockville, MD July 08, 2025 --( )-- Whitaker Brothers, a trusted leader in the data destruction industry, is proud to announce the launch of its newest product innovation, the Datastroyer DCS 36/7 High Security COMBO Paper, CD, DVD, and Blu-ray Shredder. This cutting-edge product meets the latest National Security Agency (NSA) regulations for Top Secret, SCI, and COMSEC destruction of paper and optical media, and is CUI compliant. Datastroyer DCS 36/7 key features include: - Shreds confidential documents into tiny 0.8 mm x 5 mm particles, so sensitive information is completely irrecoverable. - Exceeds the highest level of security for data destruction by the NSA. - Controlled Unclassified Information (CUI) compliant. - Quickly shreds up to 14 sheets of paper at once, with an NSA volume rating of HIGH. - Shreds credit cards and optical media like CDs, DVDs, and Blu-ray discs into 2 mm x 2 mm particles. - NSA evaluated and listed on the July 2025 NSA/CSS Evaluated Products List. Whitaker Brothers created this groundbreaking design to offer government agencies, businesses, and organizations of all sizes an all-in-one solution for securely eradicating both paper documents and optical media. 'We're thrilled that the DCS 36/7 is the latest addition to the NSA/CSS Evaluated Products List in July 2025,' writes Lauren Rossi, Vice President of Government Sales at Whitaker Brothers. 'The Datastroyer DCS 36/7 represents a significant advancement in our commitment to providing state-of-the-art data destruction equipment. Its powerful performance, high security ratings, and ease of use makes the Datastroyer DCS 36/7 the best tool to ensure both compliance and confidentiality,' said Joe Mitchell, President at Whitaker Brothers. 'This machine is a game changer for those that need to quietly and safely dispose of both physical and digital forms of confidential information, and it eliminates the need for purchasing separate shredders for paper and media, which saves time and space,' explains Kyle Mitchell, Vice President of National Sales at Whitaker Brothers. Additional features of the shredder include anti-jam technology, a user-friendly touch screen, an integrated automatic oiler, and an eco-friendly energy management and control system. The Datastroyer DCS 36/7 High Security COMBO Paper, CD, DVD, and Blu-ray Shredder is now available for purchase through Whitaker Brothers' website by visiting About Whitaker Brothers Whitaker Brothers has been a top name in the data destruction and print finishing industries for over 80 years. Specializing in high-security shredders, Whitaker Brothers supplies a full collection of data destruction equipment and print finishing equipment produced to assist organizations and businesses protect their classified information, comply with privacy regulations, mitigate the risks associated with data breaches, and efficiently handle their paper needs. Because of its focus on innovation, quality, and customer service, Whitaker Brothers continues to be a catalyst in the industries in which it operates. Press Contacts For questions or more information, please contact: Lauren Rossi Vice President of Government Sales, Whitaker Brothers [email protected] Kyle Mitchell Vice President of National Sales, Whitaker Brothers [email protected] Contact Information: Whitaker Brothers Business Machines Lauren Rossi 301-354-3044 Contact via Email Read the full story here: Whitaker Brothers Introduces the Ultimate Data Destruction Solution: The Datastroyer DCS 36/7 High Security COMBO Paper, CD, DVD, and Blu-ray Shredder Press Release Distributed by
