11 November 2020: CREST International and the Cybersecurity Maturity Model Certification Center of Excellence (CMMC COE), hosted by the Information Technology Acquisition Advisory Council (IT-AAC), are proud to announce a Memorandum of Understanding. This partnership will extend efforts to advance the goals and objectives for improving the cyber and supply chain security and resilience of the US Department of Defense (DoD) global Defense Industrial Base (DIB) network of contractors, suppliers, and vendors through an evaluation process intended to validate the capabilities, experience, and integrity of CMMC COE provider partners.
The executed MOU establishes a cooperative agreement between CREST International and the CMMC COE, in coordination with the CMMC COE EU (http://cmmc-eu.com), to partner in the furthering of their respective and complementary missions and objectives regarding the adoption, use and expansion of CMMC based cybersecurity practices for the DIB contractor community and the information and communications technology community. This creates a broader CMMC ecosystem to improve security and resilience across the global defence industrial base.
CREST (www.crest-approved.org) provides internationally recognised accreditations for organisations providing technical security services and also includes professional level certifications for individuals providing vulnerability assessment; penetration testing, cyber incident response; threat intelligence; and security operations centre (SOC) services.
“This is a momentous occasion for us”, said Mr. John Weiler, Chairman of the Board at CMMC Center of Excellence, “Our global expansion will further help advance the goals and objectives for improving the supply chain security and resilience of the US Department of Defense (DoD) beyond North America”.
“This new partnership between CREST and CMMC COE will play an important role in strengthening the resilience and protection of vital critical national infrastructure through structured testing to validate security defences and controls, carried out by highly-qualified and certified professionals,” said Tom Brennan, Chairman of CREST USA. “It is vital that the buying communities in both the public and private sectors have the confidence and trust that their employees, contractors or suppliers have the highest levels of knowledge, skill and competence.”
With locations in Europe, Asia, Australia, and the United States, the partnership reinforces a foundation of global capability for the validation of CMMC providers in 1) training & education; 2) readiness assessment 3) development and implementation of a tailored plan of action & milestones to advance preparedness, and 4) continuous monitoring to ensure maintenance of certification compliance.
The CMMC-COE (www.cmmc-coe.org) and the CMMC COE EU (https://cmmc-eu.com/) will continue to focus on bringing together the many disparate cyber and national security communities of interest to reduce complexity, improve awareness, and accelerate industry effort to become more cyber resilient against the growing threats from nation states and criminal enterprises.
The CMMC-COE partner network will be sharing a wide range of capabilities from member organisations, including; cyber standards frameworks, education, solution architectures, cyber mentoring, workforce, and other elements needed to scale to the demands of the entire DIB market place in the US and abroad (400,000 contractors).
For more information on CREST, please visit www.crest-approved.org
For more information on the CMMC COE, please visit http://cmmc-coe.org email email@example.com or call + 703-863-3766
For more information on the CMMC COE EU, please visit https://cmmc-eu.com/
CREST is a not-for-profit accreditation and certification body that represents and supports the technical information security industry. CREST provides internationally recognised accreditations for organisations providing technical security services and professional level certifications for individuals providing vulnerability assessment, penetration testing, cyber incident response, threat intelligence and security operations centre (SOC) services. CREST Member companies undergo regular and stringent assessment, whilst CREST certified individuals undertake rigorous examinations to demonstrate the highest levels of knowledge, skill and competence. To ensure currency of knowledge in fast changing technical security environments the certification process is repeated every three years.
For more information about CREST, please see www.crest-approved.org
CMMC-COE.ORG is a unique non-profit public-private partnership, with a vision to accelerate Cybersecurity Maturity Model (CMM) adoption, and reduce time & cost for security compliance for our partners by leveraging commercial best practices, CMMC standards, and innovative solutions for a measurable success. Our mission, focused on DOD mission objectives, cost containment and expeditious CMMC compliance, is to help the DIB improve cyber posture and resilience, and simplify its acquisition.
The CMMC-COE is hosted by the Information Technology Acquisition Advisory Council (IT-AAC), a public/private partnership (P3) chartered in 2007 as an honest broker to reach outside the confines of the Federal IT advisories that lack dynamic reach into the Global IT Market, and dedicated to the adoption of commercial IT management standards of practice and innovations emanating from the Global IT market. Team IT-AAC has already demonstrated the value of its decade long investment and provides a unique value to agencies seeking to achieve accelerate the transformation of legacy processes and systems.
Our Just- in-Time SMEs apply an innovative suite of Technology Business Management and Agile Acquisition Processes needed to assure the business value of commercial IT.
The Interoperability Clearinghouse (ICH), is the managing partner that make up the 24 NGO/SDO organisations that make up the IT-AAC. ICH provides the contract vehicles, clearances, and critical resources proven to guide sustainable, measurable and repeatable processes needed to drive better investment decisions as the speed of mission need, while aligning existing processes, methods and workforce with IT reform mandates contained in Clinger Cohen Act, FITARA, IT MGT Act, EO13838.
For CREST – Allie Andrews: firstname.lastname@example.org
For CMMC – COE Bob Dix: email@example.com