The Cybersecurity Maturity Model Certification Center of Excellence (CMMC COE), hosted by the Information Technology Acquisition Advisory Council (IT-AAC), a public-private partnership serving the public and private sectors for more than 15 years, is excited to announce a partnership with Ordr, an industry leader in continuous discovery, device asset inventory visibility and security of all connected devices, including unmanaged IoT, IoMT, and OT devices. This unique partnership will extend efforts by providing complete device asset inventory discovery for compliance within the CMMC COE Marketplace to improve cybersecurity protection and resilience for the global defense industrial base network of contractors, vendors, and suppliers.
“We are excited to embark on this journey with Ordr”, said John Weiler, Chairman of the Board at CMMC Center of Excellence, “The foundation of CMMC starts with visibility into devices in the network and the risks they bring. This new partnership will further help advance the goals and objectives for improving the supply chain security and resilience for the US Department of Defense (DoD)”.
Ord provides a purpose-built platform for asset inventory and security. It discovers and secures all connected devices -- from traditional servers, workstations and PCs to IoT, IoMT and OT devices. Using agentless and passive methods of data collection, connected devices can be automatically discovered and classified. Devices with vulnerabilities, weak ciphers/certificates or are subject to recall are identified. Ordr’s machine learning engine also maps and baselines device communication patterns to establish “Flow Genomes”. Ordr can then alert on anomalous behavior and dynamically generate micro-segmentation policies to allow devices only appropriate access.
“The Ordr team is thrilled to be joining the pioneering organizations and innovators that make up the CMMC COE,” said Greg Murphy, Chief Executive Officer at Ordr. “We are working with DIB contractors, vendors, and the supplier community to enable them to meet CMMC regulations quickly and efficiently. Being a part of the CMMC COE accelerates that effort.”
The executed Engagement Agreement establishes a collaborative engagement between Ordr and the CMMC COE to partner in the furthering of their respective and complementary missions and objectives regarding the adoption, use, and expansion of CMMC based cybersecurity practices, risk management, and compliance for the DIB contractor, vendor, and supplier community of providers creating a broader CMMC ecosystem globally to improve security and resilience.
Specific actions will include:
- The co-development of CMMC advisory services, cyber training and education programs to accelerate CMMC certification, increase cyber adoption and improve cyber protection & resilience.
- Co-sponsor symposiums, training programs and podcasts leveraging their combined cyber and IT expertise.
- Host regular working groups, with other partners, to enable collaboration and communications.
- Establish an independent Industry Cyber Security Advisory Council with peer organizations to advise and educate leaders across government and industry on the continued evolution and effectiveness of CMMC.
The CMMC-COE (http://cmmc-coe.org) and Ordr partnership will focus on bringing together the many disparate cyber and national security communities of interest to reduce complexity, improve awareness, and accelerate industry effort to become more cyber resilient against the growing threats from nation states and criminal enterprises.
The CMMC-COE establishes both a Market Place and Knowledge Clearinghouse that will include resources that support the overall effort, including white papers; tutorials; recorded webcasts; presentations; and more that will help reduce the cost and burden on small and medium size contractors already struggling from the impact of COVID.