Home » Services » CMMC (Cybersecurity Maturity Model Certification)

CMMC (Cybersecurity Maturity Model Certification)

SBIR CMMC Survival Kit™

 

For small businesses navigating the SBIR program at DOD / DOW, the CMMC cybersecurity requirement is already in the first phase of implementation (https://dodcio.defense.gov/cmmc/About/).  All DOD / DOW awards from 10 Nov 2025 are requiring either a CMMC Level 1 or Level 2 self-assessment.   Other agencies are considering further cybersecurity requirements, but at this time only DOD / DOW awards require CMMC.  The current CMMC Level required for a specific DOD / DOW SBIR award is determined by the Topic of that award.  The required CMMC measures must be implemented prior to any award, meaning awards can be held up without CMMC compliance.  Further, DOD / DOW plans to implement the next stage in Nov 2026 that will require any contract handling Controlled Unclassified Information (CUI) to have a 3rd party certified Level 2 CMMC.  All SBIRs will generate CUI, meaning the 3rd party certification requirement is coming quickly.

 

TotemThat’s why BBCetc has partnered with Totem Technologies, a team of best-in-class specialists providing CMMC certification and compliance software. Totem Tech is the trusted CMMC and NIST 800-171 compliance GRC software solution for defense contractors and their external service providers. As a DOD Tier 1 supplier, Totem Tech brings years of first-hand experience in cybersecurity requirements to offer the right approach for small businesses.

 

Totem Tech devised the SBIR CMMC Survival Kit™_ HRDN-IT™

This Level 2 CMMC compliant solution is achievable on a small business budget and within the TABA threshold of $6500.

HRDN-IT™ is the simple and affordable on-premises CUI enclave solution for small business defense contractors pursuing NIST 800-171 and CMMC Level 2 compliance. Perfect for small- and micro-businesses with minimal CUI-handling needs but still required to meet CMMC Level 2 and NIST 800-171.  No expensive and limited use cloud-based virtual desktops.  No Microsoft GCC High licenses needed.  No minimum user count.

This approach has achieved a CMMC Level 2 C3PAO certification!

  • HRDN-IT™ is the simple and affordable on-premises CUI enclave solution for small business defense contractors pursuing NIST 800-171 and CMMC Level 2 compliance.
  • HRDN-IT™ can either be managed by you or by Totem Tech, providing flexibility to small businesses that want to handle CUI.
  • Customize your build to include the software and tools you need to perform your SBIR or contract.

 

Learn more about HRDN-IT™ Single PC CMMC Enclave