Kristen Smith 
SOSi has achieved Level 2 certification under the Department of Defense’s Cybersecurity Maturity Model Certification 2.0 program, weeks before the security framework takes effect on Nov. 10.
The certification, which aligns with the National Institute of Standards and Technology’s Special Publication 800-171 security requirements, demonstrates “proactive leadership and readiness to exceed evolving federal cybersecurity standards,” SOSi said in a LinkedIn post.
What Does the Certification Mean for SOSi?
The CMMC Level 2 certification requires the implementation of advanced cybersecurity practices, focusing on the protection of controlled unclassified information.
“Achieving CMMC Certification is more than a compliance milestone—it reflects the discipline, teamwork, and technical maturity required to protect sensitive defense information,” said SOSi President and CEO Julian Setian, a four-time Wash100 Award winner. “We’re proud to be among the first in our industry to reach this level ahead of policy implementation, reinforcing SOSi’s role as a trusted, technology-enabled mission partner supporting critical national security operations worldwide.”
The DOD will begin incorporating CMMC requirements into new solicitations as the first phase of CMMC implementation begins. Contractors are required to be certified to be eligible for contracts that involve handling CUI.
How Did SOSi Achieve Early Readiness?
The company credited its cybersecurity, IT and compliance teams, along with its subsidiary Exovera, for completing the audit process and meeting all certification requirements ahead of the CMMC implementation.
SOSi provides technology, intelligence and mission support services to defense, intelligence and homeland security customers in the U.S. and abroad.
