CyberNINES: CyberNINES first authorized CMMC certified third-party assessment organization (C3PAO) in Wisconsin and Minnesota to perform cybersecurity assessments for Department of Defense

MADISON, WI, September 26, 2022 – CyberNINES, LLC. a Service-Disabled Veteran-Owned Small Business (SDVOSB) has announced that it is the 26th company nation-wide, and the first in Wisconsin and Minnesota, to be authorized by the Cybersecurity Maturity Model Certification (CMMC) Accreditation Body (The Cyber AB) as a CMMC Certified Third Party Assessment Organization (C3PAO).  CyberNINES successfully passed its CMMC Level 2 assessment administered by the Department of Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) during the first week of August 2022.

The CMMC is a unified cybersecurity standard for Department of Defense (DoD) acquisitions which will boost the cybersecurity posture of the Defense Industrial Base (DIB). The CMMC assumes adherence to the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 self-assessment model continuously used as the cybersecurity framework since 2017. This new certification will require third party evaluation of each business to determine whether a contractor is secure enough to work with the DoD and participate in the DIB. CMMC aims to ensure that all contractors dealing with the DoD can protect Controlled Unclassified Information (CUI) and Federal Contract Information (FCI).

“As a 30-year Navy veteran, protecting our nation has been a mission all my life.  I know I share that mission with everyone at CyberNINES,” said Scott Singer, President.  “By going through the vigorous process of being assessed by the DoD against all 110 NIST Practices and 320 Assessment Objectives, we are uniquely positioned to assist businesses prepare for compliance or conduct their third-party assessment.”  

As an authorized C3PAO, CyberNINES will initially offer three services to Organizations Seeking Certification (OSCs): CMMC Gap Assessments, CMMC Level 2 Readiness Reviews, and CMMC Level 2 Assessments (anticipated to begin soon with the voluntary assessment program). More information is available via the company’s website at

About CyberNINES

CyberNINES is a Service-Disabled Veteran-Owned Small Business (SDVOSB) focused on cybersecurity services that provides high value and affordable CMMC & NIST SP 800-171 assessments, audits and compliance management to small and medium-size business within the DoD Supply Chain. Our solutions include Government Cloud solutions for Controlled Unclassified Information (ITAR and 600 Series) to meet DFAR 252.204-7012, 7019 and 7020 regulations and virtual CISO services to limit the cybersecurity risk posture of suppliers and primes.

With offices in Wisconsin, Minnesota, Connecticut, and northern California, CyberNINES is poised to assist companies coast-to-coast with their cyber security assessments or meeting compliance with NIST SP 800-171 or CMMC.  Schedule a meeting or send us an email at [email protected].

About CMMC

The Cybersecurity Maturity Model Certification (CMMC) is a major Department of Defense (DoD) program built to protect the defense industrial base (DIB) from increasingly frequent and complex cyber attacks. It particularly aims to enhance the protection of controlled unclassified information (CUI) and federal contract information (FCI) shared within the DIB.

The Cyber AB –

DoD website –