In response to the recent mandate requiring Mandatory CMMC Compliance for Defense Construction Contractors, The Inland Northwest Associated General Contractors (AGC) partners with Ignyte Institute to accelerate the education and adaptation of their members to the emerging cybersecurity certification requirements for Defense Construction Contractors.
Accelerating Mandatory CMMC Compliance
In recent developments, the landscape has shifted significantly for all contractors and vendors collaborating with the Department of Defense (DoD). Just a month ago, they were entrusted with a momentous responsibility: self-assessment of their cybersecurity compliance with the established NIST SP 800-171 standards by December 1, 2020. This assessment mandated a thorough evaluation of their cybersecurity protocols and the subsequent registration of their compliance score with the Supplier Performance Risk System (SPRS).
The Genesis of CMMC: A New Era in Cybersecurity
It’s imperative to understand that this endeavor represents merely the initial step in a sweeping cybersecurity evolution that is fast approaching – the Cybersecurity Maturity Model Certification (CMMC). The CMMC framework is poised to become the new benchmark and a mandatory requirement for eligibility in securing DoD contract awards.
The CMMC initiative is firmly rooted in the foundations laid by NIST 800-171, which, until recently, dictated the Mandatory CMMC Compliance cybersecurity standards that all Defense Industrial Base (DIB) construction companies were obligated to adhere to. However, it’s important to note that the shift from self-assessment to external assessments of cybersecurity compliance is one of the most notable distinctions between NIST 800-171 and CMMC. These assessments will be conducted by specialized entities known as Third Party Assessment Organizations (C3PAO), adding an extra layer of objectivity and rigor to the compliance evaluation process.
Commencing from the fiscal year 2021, certain construction companies seeking to bid on or engage with DoD projects, including agencies such as the Corps of Engineers, may find themselves subject to the pilot implementation of CMMC requirements. These requirements mandate a certification within Level 1 to Level 3, a prerequisite for qualifying for government contracts.
In the grand scheme of things, beyond the pilot phase, the full transition to CMMC as a unified cybersecurity standard is imminent. Defense contractors must obtain certification that aligns with one of the five different maturity levels delineated by CMMC. This certification will be a pivotal factor in determining eligibility for contract awards within the realm of DoD projects, signifying a substantial paradigm shift in the cybersecurity landscape for the Defense Industrial Base.
“In order to assist our members, which include over 370 commercial construction companies throughout our region, with more efficient and rapid adaptation to these new cybersecurity standards,” says Cheryl Stewart, Executive Director at NWAGC. “We chose to leverage our efforts and partner with industry experts such as Ignyte Institute. Their educational courses on CMMC have been proven to be an effective tool to bring other WA state-based companies up to speed on their cybersecurity knowledge and readiness in a relatively short time.”
In a momentous and forward-looking move, the Inland Northwest Associated General Contractors (AGC) is embarking on an exciting collaboration with the esteemed Ignyte Institute. This groundbreaking partnership is poised to usher in a transformative CMMC-adaptation program meticulously crafted to serve as a beacon of knowledge and guidance for local construction companies seeking Mandatory CMMC Compliance. The primary goal of this innovative initiative is to introduce these companies to the ever-emerging regulations sponsored by the Department of Defense (DoD). Simultaneously, it aims to provide them with a robust arsenal of essential resources and expertise, meticulously curated to empower them to align with the new, stringent standards.
“We are joining NWAGC to take the pressure off their members, faced with current changes in cybersecurity framework, by streamlining their manual processes and enabling their members to maintain their competitive edge in the construction industry, continue their projects with DoD, and win new ones without any deviation from their business goals and objectives,” said Max Aulakh, CEO of Ignyte Institute.
For more information about NWAGC’s DoD Cybersecurity consulting and CMMC Readiness training program, visit: https://www.ignyteinstitute.org/partnership-nwagc/.