News

The San Diego Supercomputer Center (SDSC) at the University of California San Diego has successfully completed a full assessment under the Cybersecurity Maturity Model Certification (CMMC) framework. This milestone marks SDSC as a trusted, fully compliant hosting platform for Controlled Unclassified Information (CUI) and Federal Contract Information (FCI), opening new doors for defense, research and industry collaborations.

“This is a watershed moment for SDSC and UC San Diego,” said SDSC Director Frank Würthwein. “By earning CMMC certification and expanding our portfolio of regulatory compliant platforms offered through Sherlock Secure Cloud services, we demonstrate that our systems, policies and operations meet the rigorous requirements the Department of War (DOW) now demands. Our scientists, industry partners and government collaborators can now rely on SDSC not just for innovative cyberinfrastructure, but for confidence in the protection of mission-critical data.”

What CMMC Certification Means for SDSC and Its Users

• Validated maturity in cybersecurity: SDSC’s infrastructure, governance, documentation and operational controls were rigorously evaluated to confirm alignment with CMMC requirements.
• Expanded capacity to host sensitive data: With certification in hand, SDSC can now officially host and process CUI for research, development and contract work tied to national security and defense.
• Stronger competitive edge in sponsored research: Ongoing and future projects involving DOW, federal agencies or defense contractors can now be anchored at UC San Diego with SDSC as the secure hosting environment.
• Sustained compliance and continuous improvement: SDSC’s compliance program includes ongoing audits, continuous monitoring and processes for adapting to evolving cybersecurity standards.

SDSC’s Role in Secure Computing
For decades, SDSC has provided high-performance computing, data services and storage to scientists across multiple disciplines. As a key partner and performance site for the research and education high performance computing community, SDSC is now poised to better serve DOW projects that demand the protection of CUI and FCI.

“Our mission has always been to accelerate scientific discovery,” said SDSC Stack Science Division Director Sandeep Chandra. “Today, we reinforce that mission with trust. Partners with the strictest data protection requirements can turn to SDSC with assurance that their work runs on compliant, expertly managed infrastructure.”

“It is gratifying to see the SDSC Sherlock and UC San Diego Information Technology Services (ITS) partnership reach this major milestone, with their multi-year effort to design, build and operate a secure research enclave now formally validated through CMMC certification,” Chandra said. “This accomplishment highlights the dedication and hard work of both teams, whose collaboration has produced a trusted, compliant environment that enables researchers to securely work with regulated data.”

About the CMMC Program
The Cybersecurity Maturity Model Certification (CMMC) is a DOW-mandated framework that establishes unified cybersecurity controls and processes for contractors. It builds on existing standards such as NIST SP 800-171 (National Institute of Standards and Technology Special Publication 800-171: Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations), embedding an independent assessment regime, safeguarding sensitive data and validating compliance across multiple maturity levels.

Looking Ahead: SDSC as a Secure Hub for Science and Defense
With the CMMC certification secured, SDSC plans to expand its secure enclave offerings, develop further accreditation (e.g. FedRAMP [Federal Risk and Authorization Management Program] Moderate equivalency when relevant), and onboard new projects that integrate advanced computing, artificial intelligence, and federally sensitive data.

For more information or to inquire about secure computing services at SDSC, contact Sandeep Chandra at 858-534-5031.