Kratos

Kratos to Advise Juniper Networks on CMMC Requirements

Kratos Defense & Security Solutions will help Juniper Networks update its existing system security plan to meet Cybersecurity Maturity Model Certification Level 3 requirements.

The CMMC advisory services contract also calls for support in meeting National Institute of Standards and Technology SP 800-171 and DFARS clause 252.204-7012 compliance requirements, Kratos said Monday.

“As major providers of high-performing, scalable routers, switches, firewalls and proven networking solutions for the DoD and Intelligence Community, it is critical that companies achieve CMMC certification prior to an award containing CMMC requirements," said Mark Williams, vice president of cybersecurity services at Kratos.

The CMMC serves as the Department of Defense's cybersecurity standard and certification process for defense contractors, particularly those holding federal contract information and controlled unclassified information.

Williams said Kratos has already identified common requirements that Juniper needs to clear for CMMC Level 3 and higher.

CMMC Level 3 requires an organization to have a plan demonstrating the management of activities for cybersecurity practice implementation. The plan may cover missions, goals, project plans, resourcing, training and stakeholders.

The standard includes the previously said NIST and DFARS requirements, in addition to other security practices such as threat mitigation and incident reporting.

Kratos said Juniper's system security plan describes the security requirements of a system, the implementation state of security controls and the expected behaviors of individuals who interact with the system.

The CMMC Accreditation Body recently recognized Kratos as a CMMC third-party assessment organization, authorizing the company to conduct assessments and submit findings and recommendations for certification.