in Cybersecurity, News

ICF Secures CMMC Level 2 Certification

Kyle Tuberson
ICF's Kyle Tuberson. ICF secured CMMC Level 2 certification, confirming compliance with federal data protection requirements.
Kyle Tuberson CTO ICF

ICF has secured Cybersecurity Maturity Model Certification Level 2, marking compliance with federal requirements for protecting sensitive government information across defense and civilian agency programs.

ICF Secures CMMC Level 2 Certification - top government contractors - best government contracting event

As cyber threats intensify, the DOW’s CMMC program plays a critical role in protecting sensitive information. Explore more key initiatives shaping cybersecurity at the Potomac Officers Club’s 2026 Cyber Summit on May 21. Sign up now!

What Does the Certification Mean?

The company said Thursday that the CMMC Level 2 certification validates that it has implemented cybersecurity practices required to safeguard controlled unclassified information. The certification confirms that the company meets the Department of War standards required to support contracts involving sensitive national security data.

By meeting these standards, ICF can assist federal agencies in mitigating delays associated with authorizations to operate, accelerating program launches and minimizing implementation risks for defense and civilian agency programs.

How Did ICF Obtain CMMC Level 2?

A certified third party assessor organization conducted a comprehensive review confirming ICF met all required CMMC Level 2 controls and assessment objectives. According to ICF Chief Technology Officer Kyle Tuberson, the milestone reflects the company’s focus on providing advanced data modernization capabilities.

“Securing CMMC Level 2 certification is a significant milestone for ICF and reflects our dedication to maintaining the highest standards of cybersecurity in our operations to meet defense contract requirements,” said Tuberson.

What Is the Cybersecurity Maturity Model Certification Rule?

The CMMC rule updates the Defense Federal Acquisition Regulation Supplement to require mandatory cybersecurity standards for defense contractors handling sensitive data. Revised as CMMC 2.0 to streamline requirements, the program includes three certification levels aligned to data sensitivity and will be implemented in four phases over three years, gradually transitioning DOW contracts to the new certification standards.

ExecutiveBiz Logo

Sign Up Now! ExecutiveBiz provides you with Daily Updates and News Briefings about Cybersecurity

mm

Written by Miles Jamison

Randy Fields
Randy Fields. The Ultra I&C CTO sat for his first Executive Spotlight interview and discussed model context protocol and data
Ultra I&C CTO Randy Fields: Why MCP Could Be the ‘Connective Tissue’ for Defense AI
Susanne Hake / Maxar Intelligence
Susanne Hake. The Vantor EVP commented on the NGA Luno B contract award for AI-based change detection insights.
Vantor Secures NGA Luno B Contract for AI-Based Change Detection Capabilities