Solutions: “ The only source of knowledge is experience”.  Albert Einstein

Clarity of thought, built over 100 years of international experience

CMMC Europe is a group of experienced and qualified partners in cyber security, cyber risk management, legal, consulting and executive placement.  Who provide organisations with advisory services for the design and delivery of CMMC compliance, cyber risk management, cyber security oversight and assurance and organisational design.

We have all held senior leadership positions and are experienced in board advisory.   As the founding Partner Andy has provided board level cyber education and awareness to executive and non-executive directors across a range of industry sectors.  As a security professional he is a registered Expert Witness to Counsel and Expert Advisor, a qualified Chartered Security Professional (CSyP) and CSyP assessor, (one of 2 Professional qualifications recognised by the UKs Centre for the Protection of National Infrastructure (CPNI)) and holds a place on the UKs Register of Chartered Security Professionals.  As an engineer he holds Chartered Engineer Status (CEng) and is a member of the Institute of Mechanical Engineers.

Executive cyber education and awareness programmes

The regulatory and legislative environment surrounding cyber security and cyber risk management is changing rapidly.  With a range of regulations such as NYDFS, CCPA, HIPAA, GDPR and PCI-DSS having consequences internationally.  The most striking regulatory change comes from the US DoD in the form of its Cyber Maturity Model Certification (CMMC) regulation.  Which proposes to strengthen the already enforced DFARS 48 CFR § 252.204-7012 and it requirements to embed NIST 800 – 171 cyber security across the US DoDs Defence Industry Base. It is important for the board to understand cyber risk management and the threat cyber posses to their organisations.  For boards to Set appropriate levels of risk appetite, assure the effectiveness of cyber practices and oversee the management of cyber risk.  For listed and non listed companies, securing shareholder value and securing corporate IP, FCI, CUI and PII is critical to maintaining the security of an organisations financial statements.

We deliver bespoke cyber education and awareness programmes to executives and non-executive directors, and board advisory services.

  • What is CMMC and what are its implications?
  • What is cyber security and cyber risk management?
  • How should the board assure and oversight their cyber security capabilities?
  • What does a good CMMC and cyber risk management programme?
  • What does cyber governance look like and how do you implement it?

Chartered Security Professional (CSyP)The Institute of Mechanical Engineers (IMECHE). The UKs largest professional body representing Mechanical Engineers and Chartered Engineers.Security Institute (MSyI)Worshipful Company of Security ProfessionalsAcademy of Experts