ATLANTA — June 23, 2020 — Cybersecurity and compliance management software innovator Apptega today announced the Cybersecurity Maturity Model Certification (CMMC) framework is now available within the Apptega platform. The CMMC framework enables Department of Defense (DoD) contractors and subcontractors to demonstrate compliance with each of the controls within the appropriate certification level as defined by CMMC. This will be a standard requirement for all DoD-related contracts and potentially impacts over 300,000 organizations who will need to be CMMC compliant.
CMMC has created compliance standards and a certification process all organizations must complete to bid on or renew DoD contracts. DoD contractors have been required to comply with cybersecurity guidelines since 2018, but with inconsistent methods used to evaluate compliance with protocols. As a result, as cyber-risks have increased, the assessment of the measures taken to protect sensitive data varies widely, dependent on self-attestations with no standards of accountability. To remedy this and ensure the protection of sensitive data, the U.S. government established the Cybersecurity Maturity Model Certification (CMMC) program to go into effect in the fall of 2020.
“The certification requirement created by CMMC establishes a new, clearly defined cybersecurity compliance threshold for hundreds of thousands of DoD contractors and their subs,” said Armistead Whitney, CEO of Apptega. “Apptega now makes it easy for organizations of all sizes to quickly build, manage and report CMMC compliance, enabling them to serve the DoD community quickly and efficiently while focusing on their core business. With Apptega, our customers and partners will be able to efficiently and cost effectively implement the hundreds of requirements CMMC mandates. Along with our growing network of CMMC consultants and certifying bodies, we’re proud to help these organizations simplify the new certification process and ensure compliance.”
The new CMMC framework in Apptega makes it easy for DoD contractors and their subs to quickly identify and select the appropriate certification level. With all CMMC controls predefined for the first three certification levels, organizations can assess their current state of compliance, identify gaps and assign remediation tasks. If an organization is already aligned to a related cybersecurity framework such as NIST SP 800-171, they can instantly determine their initial degree of CMMC compliance using Apptega’s Harmony mapping capability between the frameworks.
“The impact of the new CMMC requirement on DoD contractors and their subs cannot be overstated,” said Dr. Pete Dowdy, Sr. Director, Information Security at Envistacom. “For those organizations with access to Controlled Unclassified Information (CUI), the scrutiny will be especially detailed, and the results will be binary – you must pass the certification to have the opportunity to execute future DoD contracts. The new CMMC framework in Apptega, combined with the platform’s cybersecurity management and reporting capabilities, greatly simplifies the certification process and helps these organizations ensure compliance with minimal overhead.”
The new CMMC framework is now available for use by all Apptega customers. The Apptega CMMC Compliance Guide can be downloaded here: https://info.apptega.com/resources/cybersecurity-compliance-guide/cmmc.