Defense Contractors
Foreign adversaries and criminal organizations are, in particular, targeting the nation’s 300,000 defense contractors in the supply chain.
This is why the U.S. Department of Defense (DoD) issued the Cybersecurity Maturity Model Certification (CMMC) to raise the bar and make the supply chain stronger to combat the threat.
If you have not yet completed your NIST 800-171 basic assessment, sign up for the CyberCatch Continuous Compliance Assessment (CCA) Solution.
THE PROBLEM:
Even if you have completed your NIST 800-171 basic assessment and reported your score in SPRS, you must now test your controls as mandated. Otherwise you will be out of compliance and be subject to False Claims Act legal liability and equally important, you will not be secure from the bad guys.
NIST 800-171 Security Control Requirements:
3.12.1
“Periodically assess the security controls...to determine if the controls are effective…”
POINT VALUE: 5
3.12.2
“Develop and implement plans of action designed to correct deficiencies…”
POINT VALUE: 3
3.12.3
“Monitor security controls on an ongoing basis to ensure the continued effectiveness of the controls.”
POINT VALUE: 5
If you are not continuously testing your controls and fixing deficiencies, then you are not secure and inviting bad guys to break in easily. Not only that, but you are also out of compliance with NIST 800-171 and the 110 score you reported in SPRS is inaccurate, and in reality, it is 97 (110 – 13 points).
THE SOLUTION:
AUTOMATED CONTROLS TESTING
Sign up for the CyberCatchAutomated Controls Testing (ACT) Solution.
Highly Effective. Most Affordable.
Ready to Get Started?
