Darley is proud to announce that it has successfully achieved Cybersecurity Maturity Model Certification (CMMC) Level 2, following a rigorous assessment by a Certified Third-Party Assessment Organization (C3PAO). There are roughly 80,000 defense contractors in the USA and Darley was one of the first 300 to receive this certification.
Darley is one of the 50 largest defense contractors in the United States, and this milestone underscores our unwavering commitment to safeguarding Controlled Unclassified Information (CUI) and meeting the stringent cybersecurity requirements set forth by the U.S. Department of War.
The CMMC C3PAO certification Level 2 validates that Darley has implemented all 110 security controls outlined in NIST SP 800-171, ensuring robust protection of sensitive government data. This achievement positions Darley among an elite group of defense contractors prepared for the DOW’s evolving cybersecurity mandates, joining 575 companies that have completed the Level 2 C3PAO assessment process, while more than 7,000 organizations have entered a Level 1 self-assessment score into the Supplier Performance Risk System (SPRS). The Importance of CMMC:
- Compliance with Department of War Requirements: As of November 2025, CMMC Level 2 certification is a prerequisite for bidding on many defense contracts.
- Enhanced Cybersecurity Posture: Certification ensures Darley’s systems, processes, and policies meet the highest standards for protecting CUI.
- Customer Confidence: Validates Darley’s commitment to operational excellence and risk mitigation across the supply chain.
“Achieving CMMC Level 2 certification is a significant milestone for our company
and our customers,” says Paul Darley, Chairman & CEO of Darley. “It demonstrates
our dedication to protecting sensitive information and meeting the highest standards
of cybersecurity.”
