Cybersecurity Standards and Regulations

Gain visibility into your cybersecurity stance, including processes, assets and risks. Shift from a mindset of defense to one of mitigate and manage. Then use your cybersecurity stance to build business opportunities and grow trust among your stakeholders, meeting the regulatory requirements for U.S Federal government and other contracts.

DTS services include:

SOC 2 Type 1 • SOC 2 Type 2 • HITRUST • HITECH • CCPA • NIST 800-171 • NIST 800-53 • CMMC • DFARS • ITAR

NIST vs. CMMC: Understand the difference

You may be familiar with cybersecurity requirements but not confidently know where your company falls in the process. DTS can help you calculate your “score” and help you determine how and when to report that number.

You may need to report your number to bid or team on DoD contracts, to lower the cost of cybersecurity insurance, and to establish stakeholder relationships around proprietary information.

NIST SP 800-171

  • Requirements that non-Federal computer systems must follow in order to store, process, or transmit Controlled Unclassified Information (CUI) or provide security protection for such systems
  • 110 Controls (Technical, Policy, and Procedure)
  • Self-certify and report score in the Supplier Performance Risk System (SPRS) 

CMMC: Cybersecurity Maturity Model Certification

  • A standard for implementing cybersecurity across the Defense Industrial Base (DIB) and protecting CUI
  • Based on NIST SP 800-171 standards
  • Takes into account your organization’s actual cybersecurity practices and how long and how well you’ve been following them
  • 5 sequential levels of maturity
  • 17 compliance domains, using a combination of technical controls, policy, and procedures
  • Requires validation by a third-party assessor
CMMC Standards Process

CMMC defines five cybersecurity maturity levels, ranging from basic cyber hygiene (ML-1) to advanced cybersecurity practices (ML-5). Each level outlines the capabilities, processes, and practices to reduce the risk of a security threat breaching a company’s cybersecurity defenses.

CMMC Maturity Levels

CMMC Maturity Levels

17 Compliance Domains

Access Control
Asset Management
Audit and Accountability
Awareness and Training
Configuration Management
Identification and Authentication

Incident Response
Media Protection
Personnel Security
Physical Protection

Risk Management
Security Assessment
Situational Awareness
System and Communication Protection
System and Information Integrity


Latest News
AppDeveloper Magazine January 18, 2022 Edward Tuorinsky is the Managing Principal of DTS, a Service-Disabled Veteran-Owned Small Business, that provides information technology and management…


To safeguard sensitive national security information, the Department of Defense (DoD) launched CMMC 2.0, a comprehensive framework to protect the defense industrial base from…


Open quote

It seems like innovation is happening faster then ever before, that’s because it is. Disruptors are changing the way we think and behave. Those who are the first to embrace it, reap the biggest gains.

Close quote