Granite Achieves Cybersecurity Maturity Model Certification (CMMC) Level 2

WATSONVILLE, Calif.--(BUSINESS WIRE)--Granite (NYSE:GVA) announced today that the company has achieved Cybersecurity Maturity Model Certification (CMMC) Level 2. This milestone enhances Granite’s ability to serve federal clients and protect sensitive government data. The CMMC program is currently undergoing a phased rollout, with many new federal contracts requiring CMMC as of November 10, 2025. By October 31, 2026, all Department of War contracts will require the appropriate CMMC certificate. To date, Granite is one of fewer than 500 of the federal government’s anticipated 80,000 firms to have successfully acquired the CMMC Level 2 certification.

The CMMC framework requires government contractors to certify their cybersecurity practices. In a recent assessment, Granite achieved an almost impossible perfect score, successfully passing all 110 security requirements and meeting 320 assessment objectives.

“Our performance on the assessment is a remarkable accomplishment,” explains Granite Chief Technology Officer, Malcolm Jack. “Our Federal and Cybersecurity teams have invested and worked diligently over the last two years to align our infrastructure, policies, and training with the CMMC framework.”

CMMC Level 2 is especially critical for infrastructure contractors like Granite, as it is required for organizations that work on federal projects to handle Controlled Unclassified Information. By meeting these rigorous government standards, Granite can continue bidding on high-value federal contracts.

“Level 2 is a transformative milestone for Granite,” adds Granite Vice President of Federal Operations, Curt Haldeman. “We are ahead of the curve and ready to tackle CMMC contracts for our federal clients and partners. Thanks to the team for their dedication in pursuing this achievement.”

About Granite

Granite is America’s Infrastructure Company™. Incorporated since 1922, Granite (NYSE:GVA) is one of the largest diversified construction and construction materials companies in the United States as well as a full-suite civil construction provider. Granite’s Code of Conduct and strong Core Values guide the Company and its employees to uphold the highest ethical standards. Granite is an industry leader in safety and an award-winning firm in quality and sustainability. For more information, visit the Granite website, graniteconstruction.com, and connect with Granite on LinkedIn, X, Facebook, and Instagram.

View source version on businesswire.com: https://www.businesswire.com/news/home/20251208000105/en/

Granite Contacts

Media

Erin Kuhlman - 831-768-4111

Investors

Wenjun Xu - 831-761-7861

Source: Granite