• Back


Washington Technology: Bill Solms on Preparing for the CMMC

Bill Solms, President and General Manager for the QOMPLX Government Solutions Division, wrote ‘Where to start and how to go forward with CMMC preparation’ for Washington Technology. As CMMC certification becomes a necessity for bidding on DOD contracts, preparing for- and obtaining certification is critical.


The CMMC certification was created to combat the rise of cybercrime, which can lead to the loss of billions of dollars annually: up to $600 billion globally, and between $57 billion and $109 billion from the U.S. economy in 2016 alone. Within the government space, contractors and subcontractors are common targets. Under CMMC, they would be required to be certified as "cyber secure" in order to bid on contracts from the U.S. Department of Defense.

“CMMC draws from a few existing certifications—NIST 800-171, CIS Controls, DFARS -- and helps contractors understand the policies and procedures that need to be revamped. It is an important first step to take a pre-assessment prior to meeting with auditors to understand their organization’s current state of CMMC readiness.”
– Bill Solms, President & GM, QOMPLX Government Solutions.

Solms notes that it is essential to prepare for certification. As self-assessments are not used for CMMC, a third-party audit must take place. “Under the updated plan, the CMMC-AB is responsible for identifying, training and certifying third-party auditors to conduct physical audits. These auditors will make the final decision on whether a contractor has met the controls required to receive their certification,” he writes

While COVID-19 has complicated the roll out of CMMC, Solms says any delays in the program should and likely will be temporary. “The ... necessity to institute more transparency and due diligence in cybersecurity for government contractors of all sizes is something that cannot and should not wait.”

Read ‘Where to start and how to go forward with CMMC preparation

More News

Card image cap
InQlusiv selects QOMPLX in new partnership to support parametric insurance options in the U.S.

Published Oct 07, 2021

Card image cap
In response to the ransomware scourge, QOMPLX offers free trial of its powerful attack surface management tool

Published Sep 15, 2021

Card image cap
The Data Analytics Report: Q&A with Alastair Speare-Cole

Published Sep 07, 2021

Card image cap
CoreLogic and QOMPLX Join Forces to Expand Insurance Data and Model Offering

Published Aug 04, 2021