Exostar, the leader in trusted, secure business collaboration in aerospace and defense (A&D), life sciences, and healthcare, today announced it has signed a Memorandum of Understanding (MOU) with Ivis Technologies to deliver secure, cloud-based assessment, self-help, and risk management solutions to the global commercial and Government A&D industry. These solutions will enable all organizations, from small-to-medium sized businesses to large enterprises, to better understand and mitigate risk, improve their cybersecurity postures, and comply with current and forthcoming Department of Defense (DoD) and other Government standards, such as Special Publication 800-171 from the National Institute of Standards and Technology (NIST SP 800-171) and the Cybersecurity Maturity Model Certification (CMMC).
“Recent DoD audits show that contractors subject to NIST SP 800-171 are struggling to comply. CMMC changes the paradigm from compliance to maturity by adding a process component, and from self-attestation to third-party verification and certification. Additionally, CMMC will apply to a broader, deeper community of organizations that directly or indirectly participate in the DoD supply chain,” said Stuart Itkin, Exostar’s Vice President of Marketing and Product Management. “Our new solutions will help companies understand what they need to do to prepare for and to achieve CMMC certification so they can continue to participate on Government contracts.”
Exostar’s latest additions to its pioneering risk management suite support members of the DoD supply chain in meeting the provisions identified in Defense Federal Acquisition Regulations Supplement (DFARS) clause 252.204-7012. These include the establishment of plans, such as a System Security Plan and a Plan of Actions & Milestones, as well as addressing the NIST SP 800-171 security controls and the upcoming CMMC practices and processes. The Exostar suite also provides tools for organizations to assess and manage other forms of supply chain and organizational risk.
Suppliers receive a web-based, step-by-step, wizard-like experience – complete with straightforward explanations and relevant reference materials – to implement the controls and practices mandated by NIST SP 800-171 and CMMC. Easy-to-understand reports illustrate status and gaps, and identify what activities suppliers must complete to improve security posture and achieve their required level of CMMC certification. Third-party CMMC assessors can potentially use the solutions to prepare for and conduct audits. Suppliers, primes, and assessors can all work and communicate within Exostar’s secure, cloud-based platform.
“The Exostar/Ivis relationship immediately puts compelling solutions in the market that enable companies throughout the Defense Industrial Base to manage risk and prepare for CMMC. CMMC’s adoption timeline is aggressive, so now is the time to get started,” said Christopher Lank, Ivis CEO and Founder. “Organizations across the DoD supply chain already rely on Exostar for secure collaboration and risk management; they know they can count on Exostar for trusted, innovative solutions that meet the objective and deliver competitive advantage.”