Coalfire Federal Designated CMMC Third-Party Assessment Organization

The Cyber AB, formerly known as the Cybersecurity Maturity Model Certification Accreditation Body, has authorized Coalfire Federal to perform CMMC assessments. As one of the first CMMC third-party assessment organizations, Coalfire Federal can now offer cybersecurity evaluation services and compliance certification to companies that wish to secure contracts from the Department of Defense. The CMMC program aims to ensure the defense industrial base can secure controlled unclassified information and federal contract information, Coalfire Federal said.

According to Pentagon officials, voluntary CMMC assessments were expected to begin on Aug. 22, involving four companies. Matt Travis, CEO at Cyber AB, noted that C3PAOs were tasked with leading the evaluation, supervised by the DIB Cybersecurity Assessment Center. Entities that will clear the process will be granted CMMC level two accreditation. The program was originally set for implementation in 2021 but was suspended over concerns that assessments would be cost-prohibitive. New CMMC rules are now being formed following a major revision.

“CMMC is consistent with our mission and extends our commitment to provide cybersecurity services that enable and protect the mission of the DOD and its supply chain,” said Coalfire Federal President Bill Malone. The executive highlighted the importance of the services, citing escalating attacks of foreign adversaries on the DIB that threaten the integrity of weapons systems, platforms, tools and materiel.

The cybersecurity firm executes several compliance assessments annually. Besides being a C3PAO and CMMC registered provider organization, Coalfire Federal is also authorized to support over 70 percent of the assessment, advisory and engineering marketplace as a Federal Risk and Authorization Management Program-accredited provider.