Partnership with Steel Root to Support CMMC Requirements for Defense Contractors

In an effort to strengthen federal supply chain security, it will be necessary for more than 300,000 defense contractors to meet Cybersecurity Maturity Model Certification (CMMC) requirements over the next five years, demonstrating they can protect Controlled Unclassified Information (CUI).   While CMMC launched prior to the SolarWinds attack, the massive breach underscores the hard requirement to improve and normalize cyber requirements for the organizations that support federal missions.  

Not only will CMMC be required on all new DoD contracts, but the DoD will also leverage third-party assessments and certifications to ensure these requirements are being met. This contrasts with the status quo, in which contractors are expected to protect CUI on their own accord, meeting their own internal compliance standards. 

Steel Root, a leading cybersecurity services firm specializing in compliance for the U.S. Defense Industrial Base, and Zscaler recently announced a partnership to help defense contractors prepare for CMMC certification. Commenting on this partnership, Steel Root Managing Partner Mike Nestor says, “Zscaler is a disruptive force in cloud-based security and has been validated year over year as the only leader in Gartner’s Magic Quadrant for Secure Web Gateways.” He continued, “When the FedRAMP authorization for Zscaler Internet Access was announced in 2020, we immediately recognized the solution as a required component in the cloud-native systems we design and implement. It’s the only zero trust secure access solution in the market that can meet our clients’ compliance requirements.”

As the only SASE solution provider to meet the defense industry's most stringent security requirements (FIPS 140-2, validated cryptography, and FedRAMP authorization for cloud services), Zscaler is focused on bringing the most secure cloud-based security services to DoD organizations and the larger defense industrial base community.

Steel Root understands the importance of a cloud-first, future-ready strategy, and provides highly effective guidance and implementation services supporting defense contractors as they prepare for CMMC—which is why our partnership with Steel Root furthers our commitment to helping federal organizations improve their cybersecurity posture.

As DoD contractors proactively consider how their organizations can achieve the highest level of cloud accreditation through CMMC, they should look to leverage cloud security platforms that have already achieved FedRAMP-High authorization, such as Zscaler’s FedRAMP-High Zero Trust Exchange. 

Together, Zscaler and Steel Root provide both guidance and implementation services for defense contractors as they prepare for CMMC. As, a result, contractors can focus on supporting DoD missions—and together, the defense community can take steps forward to mature cyber defenses.