Titania launched new tool to automate checks of core network security practices of the defense industrial base to meet the specifications set by the Department of Defense (DoD) under its CMMC standards. It is the solution with dedicated built-in capabilities that address these new requirements, which affect over 300,000 companies in the defense supply chain that are responsible for protecting sensitive information.
The module is available as part of Titania’s Nipper solution, a software that accurately identifies exploitable vulnerabilities in firewalls, switches, and routers and automatically prioritizes recommended mitigations by RMF compliance and/or security risk. Nipper, used by all four arms of the DoD, also provides exact technical fixes to help organizations remediate misconfigurations and stay secure.
Now, the new module automates the audit process for dozens of the most mission critical CMMC security practices for the core network. It produces a CMMC assessor-ready report that indicates compliance within minutes and provides a list of priorities and remediation advice to address any issues. So, as well as the solution saving organizations one hour of audit time per device – which can account for as much as $200 per device – the module can also be used to significantly reduce the mean time to remediate and bring about security from compliance.
“The federal government can’t afford another cyberattack like the one that targeted the SolarWinds. It’s one of the reasons why the DoD is mandating all suppliers to demonstrate an appropriate level of proactive cybersecurity. Anyone who does or wants to do business with the Pentagon will need to comply and that won’t come easily to many,” said Matt Malarkey, VP, Strategic Alliances, Titania North America.
“We’ve developed this new module to help businesses of all sizes quickly and cost-effectively fulfill the requirement by assessing compliance, generating evidence, and providing insight into what vulnerabilities need fixing so that suppliers can both stay compliant and prioritize the remediation of any critical issues first,” continued Malarkey.
All contractors and service providers that render services to the DoD and handle sensitive government information will be required to comply with CMMC standards and become CMMC accredited which includes having compliance checked and verified by a third party every three years. Failing to comply could cost an organization their eligibility for government contracts.
Since all DoD contracts will have a CMMC requirement by 2025, Titania Nipper’s new module will quickly get suppliers on the path to meet these standards. It will help businesses achieve compliance with up to 89% of CMMC core network device practices.
Colin Bowers, President, Ramparts LLC, a certified CMMC provisional assessor for Levels 1-3 said, “I have used NIPPER’s new CMMC Module as a tester, assessor, tool developer, and security network designer. I’ve found it not only saves time but has provided objective evidence that can be used during a CMMC assessment and remediation options during CMMC pre-assessments.”
Nipper’s on-demand CMMC tool provides accurate automated assessment for 18 of the 24 (75%) security practices related to core network devices where automation is possible. It also provides evidence for manual assessment for the remaining six.
Some of the additional benefits include the ability to:
- Establish a baseline to create a roadmap to compliance
- Document evidence within findings in Certified Assessor ready formats.
- Outline exact technical fixes so misconfigurations can be addressed.
Titania’s CMMC’s Module is available immediately.