Optiv Security announced new capabilities to help clients navigate Cybersecurity Maturity Model Certification (CMMC), a set of DOD regulations aimed at keeping the United States government supply chain safer by requiring 300,000+ defense contractors to protect sensitive information.
“Businesses worldwide are experiencing a dramatic escalation of threats in cyberspace – from nation states, criminal organizations, extremists, company insiders, and hacktivists – and these threats have been steadily growing in sophistication,” said General David H. Petraeus (U.S. Army, Ret.) Partner, KKR and Chairman of the KKR Global Institute and Optiv Board Member.
“Firms must upgrade their cyber defenses, and Optiv is determined to provide American companies with the most effective and most efficient comprehensive, integrated, managed cybersecurity solution possible.”
While full implementation of CMMC is not expected until 2025, Optiv urges organizations to act now. To reduce risk as CMMC is rolled out, the DOD has implemented new rules on the Federal Register that require contracting partners to submit a self-assessment and associated documentation to bid on new contracts.
As DFARS 252.204–7021 Cybersecurity Maturity Model Certification Requirement goes into effect, contractors must obtain and maintain a level of certification, by a CMMC Third-Party Assessment Organization (C3PAO). Without C3PAO certification at the required maturity level, Defense Industrial Base (DIB) contractors may not be able to view or bid on contracts.
“Most organizations view CMMC as another compliance requirement,” said Justin Williams, Optiv managing partner.
“This is much more than a compliance audit, it’s a new way of doing business with the federal government. Without certification, an existing or potential defense contractor may not be able to view or bid on new contracts.”
“We understand the challenges being faced by large enterprises and small businesses around the country. The DIB supply chain must think strategically about their federal security strategy in pursuing opportunities bound by DFARS and CMMC regulatory requirements.
It is imperative to support the DOD on this venture, while protecting the DIB, and supporting our nation’s small, medium, and large businesses.”