As nation-states and threat actors launch cyberattacks with increasing regularity and success, the U.S. Department of Defense (DoD) is tightening the security controls not just within its own agency but with all third-party contractors with whom it does business.
Now the DoD has established a framework built around its Cybersecurity Maturity Model Certification (CMMC) to which all contractors within its Defense Industrial Base (DIB) must adhere.
There are five different levels of certification, each building in both practices and processes upon the last. The level to which a contractor needs to comply depends on the type and sensitivity of data the organization must access to fulfill its contract.
Ramping up CMMC with the Arctic Wolf Platform
With CMMC compliance in mind, cybersecurity consulting firm Coalfire recently reviewed the various ways Arctic Wolf helps contractors effectively tackle these new requirements and ensure their organizations meet the needed certification levels and grow more secure. Its report—Arctic Wolf® Platform for CMMC: Applicability to Cybersecurity Model Certification—is part of the Coalfire Opinion Series, and specifically seeks to “identify how the platform’s security capabilities, functions, and features, can assist organizations in achieving CMMC certification Level 1 through Level 5.”
The report explains which requirements at which levels the platform’s solutions of Arctic Wolf® Managed Detection and Response (MDR), Managed Risk, and Managed Cloud Monitoring—all anchored by the skilled expertise of Arctic Wolf’s Concierge Security® Team—can meet to help organizations reach the certification level they need.
Whether its enhanced visibility or log collection standards of MDR, continuous vulnerability scans to determine risk exposure of Managed Risk, or the ability of Managed Cloud Monitoring to integrate with and detect and respond to threats against leading IaaS and SaaS platforms, Arctic Wolf helps organizations elevate their ability to achieve CMMC maturation. And, while not covered in the report since we launched our solution after Coalfire’s review, Arctic Wolf® Managed Security Awareness covers additional capability domains related to cybersecurity awareness and training.
How Arctic Wolf Addresses the Range of CMMC Levels
While the requirements of each level builds upon the last, even Level 1 certification entails a significant cybersecurity investment and strategy. Arctic Wolf can help organizations with every step on their CMMC journey, as we cover the following number of required practices:
- Level 1 certification: 13 of 17 practices
- Level 2 certification: 62 of 72 practices
- Level 3 certification: 108 of 130 practices
- Level 4 certification: 130 of 156 practices
- Level 5 certification: 144 of 171 practices
Discover Coalfire’s conclusions and learn more about how Arctic Wolf Platform capabilities map to the new CMMC requirements to which defense contractors must abide.
CMMC 1.02 was released on March 18, 2002. This guide refers to achieving compliance within this framework. CMMC 2.0 plans have been developed by the Pentagon, we will be updating to reflect the latest requirements