%203.svg){kind=logo}
Barge Achieves Cybersecurity Maturity Model Certification (CMMC) Level II
- Update:9/17/2025
Barge has successfully achieved Cybersecurity Maturity Model Certification (CMMC) Level II following a rigorous third-party C3PAO (CMMC Third-Party Assessor Organization) assessment completed on August 12, 2025. This accomplishment positions Barge among a select group of engineering and design firms that have voluntarily achieved certification before the government-mandated deadline to safeguard sensitive federal information in alignment with U.S. Department of Defense (DoD) standards.
The CMMC is the DoD’s framework for strengthening cybersecurity across the Defense Industrial Base. Achieving Level II certification confirms that Barge has the systems, processes, and culture in place to protect Controlled Unclassified Information (CUI)—a critical requirement for supporting federal contracts.
“Achieving CMMC Level II certification is more than a compliance milestone—it is a reflection of our unwavering commitment to the clients we serve and their missions,” said Barge CEO Carrie Stokes. “Federal partners trust us with some of their most important work. This certification demonstrates that Barge is prepared to deliver securely, responsibly, and with the highest level of integrity.
Barge’s journey to certification was a multi-year, enterprise-wide effort involving IT leaders, compliance experts, and federal program specialists. The company also partnered with leading cybersecurity organizations to achieve this milestone:
- CyberSheath provided managed services for Barge's secure enclave environment. The company ensured that Barge’s environment stayed up to date with CMMC Level II requirements by maintaining security controls, ongoing compliance monitoring, and technical infrastructure management.
- Cybersec Investments, an accredited Certified Third-Party Assessor Organization (C3PAO), conducted Barge’s official CMMC Level II assessment. Their review included detailed analysis of security documentation, interviews with Barge staff, and testing to validate all 110 NIST SP 800-171 controls. Upon completion, Cybersec confirmed Barge’s compliance and granted certification.
“This achievement reflects the discipline and dedication of our teams,” said Chris Brown, SVP, Director - Federal at Barge. “CMMC Level II requires organizations to prove that their security controls are working every day, across every system. We built and refined the processes, trained our workforce, and documented every step to ensure compliance is sustainable. Our clients can have confidence that their information is protected.”
With this certification, Barge affirms its ability to compete for a broad range off federal contracts, strengthening its role as a trusted partner to defense and government agencies. The company will maintain certification through ongoing monitoring, third-party assessments, and executive oversight.
About CyberSheath
Established in 2012, CyberSheath is one of the most experienced and trusted IT security services partners for the U.S. defense industrial base. From CMMC compliance to strategic security planning to managed security services, CyberSheath offers a comprehensive suite of offerings tailored to clients’ information security and regulatory compliance needs. Learn more at www.cybersheath.com.
