Foreign adversaries and criminal organizations are, in particular, targeting the nation’s 300,000 defense contractors in the supply chain.
This is why the U.S. Department of Defense (DoD) issued the Cybersecurity Maturity Model Certification (CMMC) to raise the bar and make the supply chain stronger to combat the threat.
THE PROBLEM:
Even if you have completed your NIST 800-171 basic assessment and reported your score in SPRS, you must now test your controls as mandated. Otherwise you will be out of compliance and be subject to False Claims Act legal liability and equally important, you will not be secure from the bad guys.
“Periodically assess the security controls...to determine if the controls are effective…”
POINT VALUE: 5
“Develop and implement plans of action designed to correct deficiencies…”
POINT VALUE: 3
“Monitor security controls on an ongoing basis to ensure the continued effectiveness of the controls.”
POINT VALUE: 5
If you are not continuously testing your controls and fixing deficiencies, then you are not secure and inviting bad guys to break in easily. Not only that, but you are also out of compliance with NIST 800-171 and the 110 score you reported in SPRS is inaccurate, and in reality, it is 97 (110 – 13 points).
THE SOLUTION:
Sign up for the CyberCatchAutomated Controls Testing (ACT) Solution.
Copyright © 2022 CyberCatch, Inc. All rights reserved. CyberCatch, the CyberCatch Logo, and the CyberCatch products referenced here are trademarks of CyberCatch. USPTO Patent No. 11,297,094. Other product and company names herein may be trademarks of their respective owners.