Decian Inc.

11/11/2025

I am honored that I had the opportunity to put on a military uniform and serve my country. It serves as a great source of satisfaction that I played a small part in preserving the freedom we all have I’m grateful for all those before me, those that serve now and for those to come. I will never forget the lessons and the experiences that my service afforded me and continues to provide me even post active duty. Happy Veterans Day! Thank you for your service.

11/06/2025

Here's something for all of us to think about and share.

06/04/2025

🚨 5 Cybersecurity Trends That Will Shape 2025 - 2030 🚨
The future of security is already here. Here’s what the Cybersecurity team at Decian is preparing for: 🔍 AI-powered attacks & defenses
🔐 Zero Trust becoming non-negotiable
🧬 Quantum-ready encryption
📊 Cyber as part of ESG reporting
🔗 Supply chain risk goes mainstream Cybersecurity isn’t just a technical issue—it’s a strategic priority. Visit www.decian.com for more!

06/04/2025

05/30/2025

✅ 3 Things Your Firewall Can’t Stop 🛡️ Think Your Firewall Has You Covered? Think Again. 🛡️
Firewalls are powerful—but can be blind to some of the emerging threats today: 🎭 Social engineering & phishing
👤 Insider threats from employees
🔑 Credential stuffing with stolen passwords Cybersecurity isn’t just perimeter defense—it’s people, process, and awareness. Visit www.decian.com for more!

05/29/2025

🕒 Because downtime costs more than money.📉 IT shouldn’t be something you have to think about.
At Decian, we specialize in keeping companies like yours compliant, operational, and under budget—so you never need to call us twice.🔒 Cybersecurity.
🖥️ Infrastructure.
🛠️ Responsive Support.
All in one MSP you can count on, not babysit.✅ Built for C-level leaders who:
• Know tech
• Order their own gear
• Don’t want to waste time🔍 If that sounds like you, let’s talk.
📲 https://www.decian.com/contact – “Ask About a Complimentary Assessment” or “Learn More”

03/23/2022

Here's what your company needs to know about the CMMC Levels of Operation. Here at Decian we can help you become CMMC Compliant. Check it out!

CMMC Level 1:
CMMC Level 1 is the base level of certification and consists of practices that correspond to basic safeguarding requirements in Federal Acquisition Regulation (FAR) clause 52.204-21. This lowest level consists of 17 basic cyber security practices such as implementing Identity and Authentication and basic Access Controls. Level 1 is all about protecting Federal Contract Information (FCI) and will be required for anyone who obtains a DoD contract but does not produce solely Commercial Off the Shelf products. The vast majority of DOD contracts will require this level of certification.

Level 2:
The purpose of Level 2 seems to be to create a base level of cyber security for any organization who has Controlled Unclassified Information (CUI) in their organization and as such requires a higher level of security than those who only have FCI. CMMC Level 2 certification will require written policies for each of the 17 domains covered by the CMMC as well as documented practices for implementing the policies for each domain. It will also be a more extensive set of security practices that are a subset of the security requirements listed in NIST SP 800-171 with a total of 55 additional practices to put in place in addition to those listed in Level 1.

We see this Level as a transitionary step in preparation for Level 3 which will not make business sense for most organizations as it does not allow for the handling of CUI yet.

CMMC Level 3:
At CMMC Level 3 the focus is on protecting CUI, fleshing out the base security practices established in Levels 1 & 2, and increasing the overall security of the organization. CMMC Level 3 certification will require that the organizations establish, maintain, and resource a plan that demonstrates the management of activities for the implementation of CMMC. The practices encompass all the security requirements in NIST SP 800-171 as well as additional practices and standards for a total of 58 new practices on top of those required for a Level 2 implementation.

If your organization handles both – FCI and CUI – you will have to meet CMMC Level 3 requirements or higher. This is why we expect this to be the second most – if not most frequently mandated maturity requirement of all CMMC Certification Levels. The vast majority of our clients are required to comply with CMMC Level 3 requirements.

CMMC Level 3 is a considerable step up from the levels 1 & 2 which impacts both, timeline and cost. For an overview of the CMMC implementation process with time estimates for a CMMC Level 3 implementation see here.

CMMC Level 4:
If an organization is required to achieve Level 4 certification then the main focus shifts to enhancing the organizations effectiveness of protecting CUI from Advanced Persistent Threats (APTs). While it does not have as many new practices to implement as Levels 2 and 3 did, the practices listed are much more complex and time consuming to both implement and maintain. CMMC Level 4 will require that an organization review and measure practices for effectiveness as well as implement a subset of enhanced security practices from DRAFT NIST SP 800-171B and other security best practices for a total of 26 additional practices on top of those required for Level 3.

Ecuron estimates that less than 100 companies will be required to become CMMC Level 4 compliant.

Level 5:
CMMC Level 5 will require that organizations standardize and optimize process implementation across the organization. This level is again focused on the protection of CUI from APTs and as such implements many more advanced security practices for the organization. The additional practices will increase the depth and sophistication of cybersecurity abilities for the organization and consists of an additional 15 practices above CMMC Level 4.