First CMMC assessment organization approved
- By Lauren C. Williams
- Jun 16, 2021
The accrediting body overseeing the Defense Department's Cybersecurity Maturity Model Certification program announced June 9 that RedSpin has met requirements for Certified Third-Party Assessment Organizations and passed the CMMC Level 3 assessment administered by the Defense Industrial Base Cybersecurity Assessment Center.
With the first authorized C3PAO organization and more expected this summer, the CMMC-AB's plans to have an operational training ecosystem are taking shape. There are currently 156 organizations awaiting approval, according to the CMMC-AB's marketplace website.
Matthew Travis, the accrediting body's CEO, said the standing up of the first C3PAO, which will be able to conduct CMMC assessments across the defense industry base, was a "significant milestone" amid recent cyber events.
"As recent events emphasize how aggressively cyber threat actors are targeting our nation, the role of CMMC is more vital than ever as we take a united approach to protecting critical assets and information within the Defense Industrial Base," Travis said in a statement announcing the change.
This article first appeared on FCW, a Defense Systems partner site.
Lauren C. Williams is senior editor for FCW and Defense Systems, covering defense and cybersecurity.
Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.
Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at [email protected], or follow her on Twitter @lalaurenista.
Click here for previous articles by Wiliams.