West Chester, PA (March 23, 2026)—Weston Solutions, Inc. has achieved Cybersecurity Maturity Model Certification (CMMC) Level 2, confirming the company’s ability to protect Controlled Unclassified Information (CUI) in support of U.S. Department of Defense (DoD) programs.
Weston is among the first 1,000 DoD contractors out of 120,000 contractors who need it to earn CMMC Level 2 certification, an early milestone that reflects the company’s sustained investment in cybersecurity governance, secure infrastructure, and disciplined operational controls.
This achievement reflects cross functional effort across the firm, especially from the IT and Security teams who strengthened Weston’s secure CUI environment, updated policies and procedures, and prepared objective evidence for a rigorous third party assessment conducted by Redspin, Weston’s Authorized CMMC Third Party Assessment Organization (C3PAO).
CMMC Level 2 requires organizations to demonstrate implementation of security requirements aligned with National Institute of Standards and Technology (NIST) Special Publication 800-171 Rev. 2 and to undergo an independent assessment by an authorized third party (C3PAO). The ability to meet these requirements provides the DoD and partners with increased assurance that sensitive information is safeguarded throughout the defense supply chain.
For federal agencies and prime contractors, this certification provides objective, third‑party validation that required safeguards are implemented and operating correctly, reducing supply‑chain cyber risk and helping streamline vendor qualification for programs involving CUI. It also strengthens confidence that project information is protected while teams stay focused on delivery.
“Earning CMMC Level 2 is a meaningful validation of how we operate, protecting sensitive information while delivering mission‑critical work for our federal and defense sector clients,” said Steven F. Blarr, P.E., Esq., SVP, Chief Legal Officer at Weston. “This certification strengthens our readiness to support current and future DoD requirements and reinforces the trust our clients place in us.”
The certification reinforces Weston’s role as a trusted partner on programs where cyber resilience, supply‑chain security, and compliance are non‑negotiable, helping clients meet contract requirements and protect sensitive project information across distributed teams, subcontractors, and environments.
Under the CMMC program, Level 2 certification is maintained on a 3‑year cycle with annual affirmations of continued compliance. Weston will continue to invest in cybersecurity and operational discipline to keep pace with evolving threats and requirements. If you have any questions regarding Weston’s CMMC certification, please contact Compliance@WestonSolutions.com.
About Weston Solutions
Weston Solutions is a U.S.-based, 100% employee-owned environmental and infrastructure services firm committed to safety and delivering client value on every assignment. For over 65 years, we have solved our clients’ most difficult challenges while making a difference in the communities we serve.