Kratos Defense and Security Solutions has been named a certified third-party assessment organization by the accreditation body of the Department of Defense's Cybersecurity Maturity Model Certification program to help determine defense contractors' compliance with the new security standards.
The CMMC Accreditation Body authorized Kratos to assess whether companies observe security practices that follow DOD's industrial cybersecurity requirements that aim to protect controlled unclassified information flowing within the defense industrial base's supply chain, Kratos said Wednesday.
Kratos will conduct personnel interviews, artifact reviews, readiness assessments, penetration testing and other forms of assessment work to validate CMMC compliance.
The C3PAO certification builds on Kratos' existing advisory services for companies looking to comply with CMMC.
“During our CMMC engagements, we’ve identified common requirements that impose strategic and operational challenges on organizations seeking certification at Level 3 maturity level,” said Mark Williams, vice president of Kratos' cybersecurity services unit.
Experience gained from CMMC engagements prepared Kratos to provide advisory and assessment services on the program, Williams noted.