Background
An aerospace/defense contractor was preparing for bid eligibility on Department of Defense (DoD) contracts and sought the Cybersecurity Maturity Model Certification (CMMC) Level 2. The organization had limited cybersecurity resources and no prior experience with CMMC compliance.