Elodie Collins 
Peraton has achieved final Level 2 certification under the Department of War’s Cybersecurity Maturity Model Certification program, positioning the company to continue supporting national security missions without disruption.
The certification, validated by a third-party assessment organization, confirms compliance with cybersecurity requirements for protecting controlled unclassified information and federal contract data, Peraton said Tuesday.
Gain a deeper understanding of CMMC requirements at the Potomac Officers Club’s 2026 Cyber Summit on May 21. DOW leaders, including the Pentagon’s cyber policy official Katherine Sutton and Chief Information Security Officer Aaron Bishop, will take the stage at the event to discuss the cyber initiatives and evolving cyberthreats to the nation. Key figures from the Air Force, Army, FBI and other agencies will also participate in insightful panel discussions. Do not miss your chance to hear from the people shaping the cyber landscape. Sign up today to secure your seat.
What Does Peraton’s CMMC Level 2 Certification Mean?
Level 2 certification requires contractors to implement all 110 security controls outlined in National Institute of Standards and Technology Special Publication 800-171, which are designed to safeguard sensitive defense information.
The company said the certification strengthens its security posture, ensures mission continuity for customers and reinforces its role as a trusted partner supporting defense and national security operations.
“Peraton has long demonstrated the advanced technologies, workforce expertise, and proven safeguards to protect our nation’s most sensitive data and information,” Steve Schorer, chairman and CEO of Peraton and a four-time Wash100 awardee, stated. “This CMMC achievement reinforces our commitment to the Department of War and solidifies Peraton as a trusted partner in support of national security operations, critical missions and defense priorities.”
How Does CMMC 2.0 Impact the Defense Industrial Base?
DOW began phased implementation of the CMMC 2.0 framework in November 2025, transitioning from a voluntary to a mandatory compliance model for contractors handling sensitive data. Phase 2 of the rollout commences on Nov. 10. It will require contractors to secure Level 2 certification to participate in solicitations.
Despite the rollout, industry readiness remains limited. A report issued in October found that only a small percentage of defense contractors are fully prepared for final certification requirements.
