We are proud to announce that we've achieved Cybersecurity Maturity Model Certification (CMMC) Level 2, which confirms the company’s ability to secure national defense data and meet stringent Department of Defense (DoD) cyber mandates. Maximus secured this certification through a rigorous Certified Third-Party Assessor Organization (C3PAO).
“Achieving CMMC Level 2 confirms that Maximus now meets the Defense Department’s rigorous cybersecurity standards,” said Derrick Pledger, Chief Digital & Information Officer, Maximus. “This extends to the defense and Veterans health programs we support every day, giving government leaders confidence in the security of sensitive data while missions move forward with speed and resilience.”
CMMC is a DoD-sanctioned program designed to assess and enhance the cybersecurity posture of defense contractors and subcontractors, particularly those handling sensitive unclassified information. The 2.0 program is the next iteration of the CMMC model, which streamlines requirements and aligns to widely accepted National Institute of Standards and Technology cybersecurity standards. For government customers, this certification means they can move faster to deployment. With CMMC Level 2 already secured, programs supported by Maximus avoid lengthy Authorization to Operate (ATO) delays—accelerating timelines and reducing risk at startup.
“CMMC validates our enhanced cybersecurity posture as a defense contractor,” said Pledger, “and positions Maximus to compete effectively across the federal contracting landscape.”
For more information on the work Maximus does for agencies with cybersecurity, please visit: https://maximus.com/technology-services/cybersecurity