Key Takeaways
- Peraton has earned final Level 2 certification under the Department of War’s Cybersecurity Maturity Model Certification (CMMC) program, validated by a third‑party assessment organization.
- The certification confirms compliance with all 110 security controls in NIST SP 800‑171, safeguarding Controlled Unclassified Information (CUI) and federal contract data.
- CEO Steve Schorer said the achievement reinforces Peraton’s commitment to the Department of War and its role as a trusted national‑security partner.
- Level 2 certification strengthens Peraton’s security posture, ensures mission continuity for customers, and demonstrates readiness for upcoming CMMC 2.0 mandates.
- The Department of War began phased CMMC 2.0 implementation in November 2025, with Phase 2 launching Nov. 10, 2026, making Level 2 certification mandatory for contractors handling sensitive data.
- Industry readiness remains low; an October report showed only a small fraction of defense contractors are fully prepared for final certification.
- The Potomac Officers Club’s 2026 Cyber Summit (May 21) will feature DOW leaders, agency officials, and expert panels discussing CMMC, cyber initiatives, and evolving threats.
Overview of Peraton’s CMMC Level 2 Certification
Peraton has achieved final Level 2 certification under the Department of War’s Cybersecurity Maturity Model Certification (CMMC) program. This milestone positions the company to continue supporting national security missions without interruption. The certification was confirmed after a rigorous evaluation by an independent third‑party assessment organization, which verified that Peraton meets the stringent cybersecurity requirements necessary to protect controlled unclassified information and federal contract data.
Validation of Certification by a Third‑Party Assessor
The third‑party assessment organization conducted a comprehensive review of Peraton’s security controls, policies, and procedures. Their validation confirms that the company has successfully implemented all required safeguards and is therefore compliant with the CMMC Level 2 framework. This independent verification adds credibility to Peraton’s claim of robust cybersecurity practices and reassures government customers that their data remains protected.
Leadership Commentary on the Achievement
Steve Schorer, chairman and CEO of Peraton and a four‑time Wash100 awardee, highlighted the significance of the certification. He stated, “Peraton has long demonstrated the advanced technologies, workforce expertise, and proven safeguards to protect our nation’s most sensitive data and information.” Schorer added that the CMMC achievement reinforces the company’s commitment to the Department of War and solidifies Peraton as a trusted partner in support of national security operations, critical missions, and defense priorities.
What Level 2 Certification Entails
CMMC Level 2 requires contractors to implement all 110 security controls outlined in National Institute of Standards and Technology Special Publication 800‑171 (NIST SP 800‑171). These controls are specifically designed to safeguard Controlled Unclassified Information (CUI) and other sensitive defense data. By meeting these requirements, Peraton demonstrates a mature cybersecurity posture that includes access control, incident response, system and communications protection, and continuous monitoring, among other domains.
Impact on Security Posture and Mission Continuity
Peraton emphasized that the certification strengthens its overall security posture, ensuring mission continuity for its customers. The rigorous controls help prevent data breaches, mitigate insider threats, and enhance resilience against cyberattacks. As a result, government agencies can rely on Peraton to maintain uninterrupted support for critical defense and national‑security operations, even as the threat landscape evolves.
Invitation to the Potomac Officers Club 2026 Cyber Summit
To further explore CMMC and related cybersecurity topics, Peraton encourages stakeholders to attend the Potomac Officers Club’s 2026 Cyber Summit on May 21. The event will feature prominent Department of War leaders, including Pentagon cyber policy official Katherine Sutton and Chief Information Security Officer Aaron Bishop. Additionally, senior officials from the Air Force, Army, FBI, and other agencies will participate in insightful panel discussions covering cyber initiatives, emerging threats, and the future of defense cybersecurity.
CMMC 2.0 Implementation Timeline by the Department of War
The Department of War began a phased implementation of the CMMC 2.0 framework in November 2025, transitioning from a voluntary to a mandatory compliance model for contractors handling sensitive data. This phased approach allows the defense industrial base to adapt gradually while ensuring that cybersecurity standards become a prerequisite for future contracts.
Details of Phase 2 Rollout and Mandatory Requirements
Phase 2 of the CMMC 2.0 rollout commences on November 10, 2026. At that point, contractors will be required to secure Level 2 certification to participate in solicitations and be awarded federal contracts involving CUI or other protected information. The mandate underscores the Department of War’s commitment to raising the cybersecurity baseline across the supply chain and reducing risk to national‑security assets.
Industry Readiness Challenges
Despite the impending deadline, industry readiness remains limited. A report issued in October found that only a small percentage of defense contractors are fully prepared to meet the final certification requirements. Many organizations still need to invest in technology upgrades, workforce training, and process improvements to achieve compliance. This gap highlights the urgency for contractors to begin preparations now to avoid disruption in their ability to compete for future defense work.
Conclusion and Outlook
Peraton’s attainment of CMMC Level 2 certification not only affirms its current cybersecurity capabilities but also positions the company favorably for the upcoming mandatory CMMC 2.0 environment. As the Department of War tightens its cybersecurity expectations, Peraton’s validated compliance will help ensure uninterrupted support for critical missions. Stakeholders are encouraged to leverage upcoming events like the Potomac Officers Club Cyber Summit to stay informed, share best practices, and collectively strengthen the defense industrial base’s resilience against evolving cyber threats.