|CMMC Capability Domains||CMMC Events||CMMC Community Blogs||CMMC Education||CMMC Resources||CMMC News|
In support of the Defense Industrial Base effort to achieve CMMC compliance, Carahsoft and our partners deliver products and services to address the cybersecurity controls within the framework. We have organized those products and services by both CMMC Capability Domain and by technology vendor. To get started, select a CMMC Domain or Technology Vendor on the left hand side.
CMMC is the cybersecurity framework used by the DOD to measure their suppliers' cybersecurity maturity and ensure protection of Controlled Unclassified Information (CUI) residing on contractor networks. CMMC organizes cybersecurity processes and best practices into a set of 17 capability domains across 5 maturity tiers. The 5 Maturity Levels of the CMMC Framework are summarized below:
Given the range of information sensitivity by contract, the maturity level required will be determined at the individual contract level. The maturity model is cumulative so that each successive level consists of the practices and processes specified in the preceding level as well as additional controls.
Within the 5 maturity levels of CMMC, the 17 capability domains are derived from the basic safeguarding requirements in FAR Clause 52.204-21, NIST Special Publication 800-171, and other sources. Each domain is comprised of a set of controls that designate a range of cybersecurity and mitigation activities.
The CMMC framework includes a certification requirement that verifies the execution of the processes and practices by maturity level and standardizes implementation across the DIB. CMMC assessments are carried out by assessors that are certified by the CMMC Accreditation Body (CMMC-AB). For more information on CMMC or how to get started on assessing your CMMC needs, please reach out to CMMC@carahsoft.com and a Carahsoft representative will assist you.
January 29th, 2021
Okta's Chris Niggel talks the importance of choosing the right security solutions, keeping users engaged and where agencies will focus their efforts in the future.
January 8th, 2021
Read the latest insights on Law Enforcement from Government Cloud thought leaders and additional research from GovTech on the Carahsoft Community Blog.
October 16th, 2020
Read the latest insights from cyber intelligence thought leaders and additional government perspectives on the Carahsoft Community Blog.
October 8th, 2020
Read the latest insights from Government Cybersecurity thought leaders and additional research from GovTech on the Carahsoft Community Blog.
August 28th, 2020
Read the latest insights from these Government Cloud Security thought leaders and additional industry research from FCW on the Carahsoft Community Blog.
February 25, 2021
Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®, today announced that it has been awarded a new Department of Defense (DoD) Enterprise Software Initiative (ESI) blanket purchase agreement (BPA) in accordance with the company’s General Services Administration (GSA) Federal Supply Schedule contract.
December 03, 2020
Centrify, a leading provider of Identity-Centric Privileged Access Management (PAM) solutions, today announced significant sales momentum across all regions and industries as organizations seek to secure privileged access to an increasingly decentralized modern attack surface driven by digital transformation.