Level 3, Expert level, is intended for contractors handling high-value assets and information that are of critical importance to national security. Companies seeking Level 3 certification must demonstrate advanced cybersecurity capabilities to protect against sophisticated, state-sponsored threats and advanced persistent threats (APTs).
Level 3 is based on the requirements outlined in NIST Special Publication 800-172 and builds upon the practices established in Levels 1 and 2. Beyond the 110 practices from NIST SP 800-171 covered in Level 2, Level 3 includes additional enhanced security requirements designed to provide a higher level of protection. These enhanced requirements are tailored to counter APTs and are highly technical, focusing on proactive threat hunting, incident response, and system recovery processes.