Safeguarding sensitive information is no longer just a technical challenge or a compliance tick box; it’s a matter of national resilience and security. As a result, the Department of War (DOW) has directed that protecting Controlled Unclassified Information (CUI) across the defense supply chain is a shared responsibility. To deliver on this requirement, it has also created the Cybersecurity Maturity Model Certification (CMMC), which establishes a unified standard for cyber hygiene and accountability across all organizations supporting defense missions.
What is the CMMC, and why is it vital to the defense ecosystem?
The CMMC Program was designed by the DoD to assess and enforce cybersecurity requirements across the Defense Industrial Base (DIB). Its purpose is to ensure the protection of sensitive unclassified information shared by the department with its contractors and subcontractors.
Achieving certification ensures that organizations can maintain consistent, measurable cybersecurity practices to prevent the loss or compromise of CUI and Federal Contract Information (FCI).
Previously, compliance with DOW cybersecurity standards (such as NIST SP 800-171) relied on self-attestation. But, as cyber threats and supply chain breaches have become more sophisticated, the DOW has recognized that assurance must be demonstrated, not declared.
CMMC 2.0 replaces self-attestation with independent verification and aligns directly with NIST SP 800-171 and SP 800-172, establishing clear levels of maturity tied to the sensitivity of information handled.
It is also part of a broader national effort to raise cybersecurity maturity across the entire defense ecosystem. The DOW’s objective is clear: ensure every supplier, regardless of size, adopts strong cyber practices to protect U.S. defense information from espionage and data theft.
At Glasswall, we firmly believe security assurance must be verifiable, transparent, and built into how our technology is delivered. Today, we’re proud to share the news that Glasswall meets the requirements for CMMC 2.0 Level 1 and is now audit-ready for Level 2 certification, working with an accredited Third-Party Assessment Organization (C3PAO) with the goal of completing full certification as soon as possible.
For Glasswall, pursuing CMMC 2.0 is a natural evolution, not just a compliance exercise. As a leader in Content Disarm and Reconstruction (CDR), our zero-trust approach ensures that every file our technology processes aligns with the framework’s intent - every time and without exception.
Our certification effort focuses on three priorities:
We are partnering with a certified third-party organization to assess our systems, controls, and documentation, ensuring our compliance is externally verified under DOW oversight.
We are embedding CMMC-aligned requirements across all relevant functions and processes, from secure development and infrastructure management to training and incident response.
We are providing our government and industry partners with confidence that Glasswall solutions meet the highest standards for regulated and mission-critical environments.
“Glasswall’s alignment with CMMC 2.0 reflects our readiness to meet these important requirements and underlines our support of wider government initiatives, including the adoption of Zero Trust Architectures, which our solutions directly enable,” said Paul Farrington, Chief Product and Marketing Officer at Glasswall. “From securing files in intelligence workflows to sanitizing data for defense contractors, our mission is to deliver trust through proof.”
.png)
David is a technology copywriter with over 25 years’ experience. Passionate about technology and solving real-world challenges, he excels at weaving customer stories into compelling narratives that resonate and inspire action.
Eliminate malware before it reaches your network and ensure your files are always safe and secure with Glasswall’s Zero Trust and intelligent file protection.
.avif)
