in Cybersecurity, News

Google Public Sector Earns CMMC Level 2 Certification

Ron Bushar
Ron Bushar. The managing director of Google Public Sector discussed the company’s achievement of CMMC Level 2 certification.
Ron Bushar CISO Google Public Sector

Google Public Sector has achieved Level 2 certification under the Department of Defense’s Cybersecurity Maturity Model Certification program.

Google Public Sector Earns CMMC Level 2 Certification - top government contractors - best government contracting event

Cyber threats are escalating, and government data has become the new frontline of international conflict. Don’t miss your chance to join the conversation at the Potomac Officers Club’s 2026 Cyber Summit on May 21. Connect with top cyber officials and gain critical insights on zero trust readiness and emerging defense strategies. Secure your spot now!

In a blog post published Tuesday, Ron Bushar, managing director and chief information security officer of Google Public Sector, wrote that the certification validates the ability of his organization’s internal systems handling controlled unclassified information to meet DOD cybersecurity standards.

What Is the Importance of CMMC Level 2 Certification for Google Public Sector?

“This CMMC Level 2 certification is a key enabler for our partnership with the DoD. It ensures our teams can operate and collaborate within the defense ecosystem fully supporting the new DoD requirements, allowing us to serve as a trusted partner and support the mission without compromise,” Bushar said.

He noted that the company also supports defense industrial base partners in achieving CMMC compliance. Google Workspace and other FedRAMP-authorized cloud services provide secure cloud, artificial intelligence and data capabilities for DIB suppliers.

Google’s resources, including the Google Workspace CMMC Implementation Guide, offer configuration details and control mappings to help contractors accelerate assessments and develop CMMC-compliant environments.

What Is DOD’s CMMC 2.0 Program?

Google Public Sector’s CMMC Level 2 certification comes as DOD begins the phased rollout of CMMC 2.0, marking the end of the program’s voluntary phase.

Bushar said CMMC is a DOD program designed to strengthen cybersecurity across the DIB. The initiative seeks to verify whether contractors have implemented the required security controls based on National Institute of Standards and Technology Special Publication 800-171 to protect CUI and federal contract information.

The CMMC rule, published in the Federal Register in September, amends the Defense Federal Acquisition Regulation Supplement, or DFARS, and introduces mandatory cybersecurity standards for defense contractors.

According to Bushar, contractors familiar with DFARS 252.204-7012 will now see requirements incorporated through the clause DFARS 252.204-7021, which mandates achieving specified CMMC levels to qualify for contracts.

ExecutiveBiz Logo

Sign Up Now! ExecutiveBiz provides you with Daily Updates and News Briefings about Cybersecurity

mm

Written by Jane Edwards

is a staff writer at Executive Mosaic, where she writes for ExecutiveBiz about IT modernization, cybersecurity, space procurement and industry leaders’ perspectives on government technology trends.

Ryan Hinkle/Hitachi Vantara Federal
Ryan Hinkle. The Hitachi Vantara Federal head of sales sat down with ExecutiveBiz for a Spotlight interview.
Ryan Hinkle: Leading Hitachi Vantara Federal Sales Into the ‘One Hitachi’ Era
Photo / anduril.com
Solid rocket motor. Raytheon and Lockheed Martin have partnered with Avio to build an advanced solid rocket motor facility.
Raytheon, Lockheed Martin Partner With Avio to Open US Solid Rocket Motor Facility