Where To Start

Before you click on the “Decision Tree”, you should have prepared by reviewing the information on the Cybersecurity Regulations and FCI/CUI tabs.

The Decision Tree is designed to help defense contractors determine which cybersecurity regulation(s) they should focus on. Since CMMC 2.0 is still in the rulemaking process, the earliest it can be referenced in contracts is the summer of 2023, contractors should focus first on the FAR/DFARS cybersecurity clause(s) in their current contracts or in solicitations.

Click on the “Decision Tree” button to get started with your cybersecurity compliance program!

If you are, or plan to be in the Department of Defense supply chain, you must comply with cybersecurity regulations. To help North Carolina defense contractors understand and implement cybersecurity regulations, multiple State entities and organizations that support the defense industry have established the NC Interagency Cybersecurity Coordinating Committee (I3C). The goals of the committee are to provide defense contractors with 1) up to date and accurate information about cybersecurity regulations and requirements; 2) effective tools they can use to assess their current level of compliance in preparation for DoD certification; and 3) access to reputable companies, institutions and other resources to help them bridge their assessment, compliance, workforce and technical gaps to cybersecurity compliance. 

CyberNC.us is managed by the North Carolina Military Business Center through the North Carolina Interagency Cybersecurity Coordinating Committee (I3C).
Support provided by Fayetteville Technical Community College and NC State University's Secure Computing Institute.

The NCMBC and the I3C are not representatives of the DoD or the CMMC Accreditation body. This website is meant to be a community resource for cybersecurity compliance information.

Copyright 2020, North Carolina Military Business Center.  All Rights Reserved.