On June 9, 2021 - the first CMMC Third Party Assessor Organization (C3PAO) was announced and listed on the CMMC Marketplace. Redspin, a division of CynergisTek, was the first among 156 known organizations aspiring for C3PAO status to pass the full Defense Industrial Base Cybersecurity Assessment Center. (DIBCAC) assessment at CMMC Level 3. CMMC Provisional Assessor (PA) Tony Buenger and CISO Thomas Graham, PhD, CISSP, MBA of Redspin/CynergisTek will be featured in a unique discussion giving attendees one of the first in-person forums to ask questions and glean insights from the accreditation process.
This session and many others will be hosted at the Cloud Security and Compliance Series (CS2) conference in Austin, TX on August 3rd.
The announcement of the newly authorized C3PAO comes on the heels of the recent Executive Order on Cybersecurity from President Biden and a Special Senate Hearing on CMMC and Cybersecurity in the Defense Industrial Base (DIB). Jesse Salazar was noncommittal during the hearing on the expected final DFARS ruling publication date and only alluded to an approximate November 2021 release. However, this recent development shows signs of life in the program and will likely usher in a series of similar announcements of other C3PAO's passing the assessment process.
Redspin is an ideal C3PAO candidate and was likely selected because of its rich history within the cross-industry auditing community. The company is based out of Austin, TX, and has conducted over 1,000 cybersecurity audits in past years. One of its 100+ team members and a speaker at the upcoming conference, Tony Buenger, sat down with Summit 7 and the CS2 team several months ago to discuss his experiences and practical guidance for meeting requirements within the Identification and Authentication (IA) Domain.
The two Redspin leaders join an already saturated lineup of speakers at CS2 Austin (CS2ATX) that includes renowned attorney Bob Metzger, Founder of DTC Global - Regan Edens, special expert Jacob Horne, members of the CMMC Industry Advisory Council (IAC), CEO of Summit 7 - Scott Edwards and more to be announced.
The Cloud Security and Compliance Series (CS2) is strictly for government contractors and those in higher education research institutions looking to meet cybersecurity regulations, address security threats, and glean best practices for their cloud investments.
CS2ATX will be hosted at Austin's Hotel Van Zandt for the latest stop in an ongoing informational series to cover best practices for CMMC, DFARS 7012/7019/7020/7021, NIST 800-171 compliance, CUI and ITAR data management, assessment preparations, and other cloud security topics.