Home Insights Press Releases Optiv Announces Cybersecurity Maturity Model Certification (CMMC) Solution to Guide Organizations Through Federal Regulations February 16, 2021 Optiv Announces Cybersecurity Maturity Model Certification (CMMC) Solution to Guide Organizations Through Federal Regulations -- Fully Integrated Federal Business Strategy Designed to Keep Companies Working as U.S. Government Tightens Rules on Contractors -- DENVER – February 16, 2021 – Optiv Security, a security solutions integrator delivering end-to-end cybersecurity solutions, today announced new capabilities to help clients navigate Cybersecurity Maturity Model Certification (CMMC), a set of DOD regulations aimed at keeping the United States government supply chain safer by requiring 300,000+ defense contractors to protect sensitive information. “Businesses worldwide are experiencing a dramatic escalation of threats in cyberspace – from nation states, criminal organizations, extremists, company insiders, and hacktivists – and these threats have been steadily growing in sophistication,” said General David H. Petraeus (U.S. Army, Ret.) Partner, KKR and Chairman of the KKR Global Institute and Optiv Board Member. “Firms must upgrade their cyber defenses, and Optiv is determined to provide American companies with the most effective and most efficient comprehensive, integrated, managed cybersecurity solution possible.” While full implementation of CMMC is not expected until 2025, Optiv urges organizations to act now. To reduce risk as CMMC is rolled out, the DOD has implemented new rules on the Federal Register that require contracting partners to submit a self-assessment and associated documentation to bid on new contracts. As DFARS 252.204–7021 Cybersecurity Maturity Model Certification Requirement goes into effect, contractors must obtain and maintain a level of certification, by a CMMC Third-Party Assessment Organization (C3PAO). Without C3PAO certification at the required maturity level, Defense Industrial Base (DIB) contractors may not be able to view or bid on contracts. “Most organizations view CMMC as another compliance requirement,” said Justin Williams, Optiv managing partner. “This is much more than a compliance audit, it’s a new way of doing business with the federal government. Without certification, an existing or potential defense contractor may not be able to view or bid on new contracts.” Image “We understand the challenges being faced by large enterprises and small businesses around the country. The DIB supply chain must think strategically about their federal security strategy in pursuing opportunities bound by DFARS and CMMC regulatory requirements. It is imperative to support the DOD on this venture, while protecting the DIB, and supporting our nation’s small, medium, and large businesses.” To learn more about CMMC and how Optiv can help, read our whitepaper or visit www.optiv.com. Follow Optiv Twitter: www.twitter.com/optiv LinkedIn: www.linkedin.com/company/optiv-inc Facebook: www.facebook.com/optivinc YouTube: www.youtube.com/c/OptivInc Blog: www.optiv.com/explore-optiv-insights/blog Optiv Security: Secure greatness.™ Optiv is the cyber advisory and solutions leader, delivering strategic and technical expertise to more than 7,000 companies across every major industry. We partner with organizations to advise, deploy and operate complete cybersecurity programs from strategy and managed security services to risk, integration and technology solutions. With clients at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can. At Optiv, we manage cyber risk so you can secure your full potential. For more information, visit www.optiv.com. Share: Related Insights Image Critical Areas in Evaluating Third-Party Risks February 04, 2021 This post addresses key areas organizations should evaluate when reviewing or building out third-party risk management programs. See Details Blog Image EDR and Blending In: How Attackers Avoid Getting Caught February 03, 2021 Even when the hooks are removed, defenders can still leverage other EDR functions, such as host isolation for incident triage or remote. See Details Blog Image Risk Assessments Service Brief June 26, 2020 Our risk assessments provide a holistic view of cyber risk throughout your organization or agency. See Details Download How Can We Help? Let us know what you need, and we will have an Optiv professional contact you shortly.