Cookie Consent
We use cookies to improve your experience on our site. By using our site, you consent to cookies.
Cookie Preferences
Manage your cookie preferences below:
Essential cookies enable basic functions and are necessary for the proper function of the website.
These cookies are needed for adding comments on this website.
Statistics cookies collect information anonymously. This information helps us understand how visitors use our website.
Google Analytics is a powerful tool that tracks and analyzes website traffic for informed marketing decisions.
Service URL: policies.google.com (opens in a new window)
Marketing cookies are used to follow visitors to websites. The intention is to show ads that are relevant and engaging to the individual user.
A video-sharing platform for users to upload, view, and share videos across various genres and topics.
Service URL: www.youtube.com (opens in a new window)
You can find more information in our Cookie Policy and .
Regola Cyber named as an Authorized C3PAO
July 2, 2024
Bel Air, MD – Regola Cyber today announced The Cyber AB has authorized Regola Cyber as a Certified Third-Party Assessor (C3PAO) in the Cybersecurity Maturity Model Certification (CMMC) ecosystem. Regola Cyber is the 54th authorized C3PAO listed on The Cyber AB’s Marketplace. They achieved a perfect score of 110/110 during their first CMMC 2.0 assessment by DIBCAC.
Due to ever-evolving threats to national security, in particular cybersecurity, the Department of Defense (DoD) recognized a need for formal assessment of DIB companies beyond the self-attestation model that is currently in place. CMMC is a DoD program that will require Defense Industrial Base (DIB) companies to undergo a cybersecurity assessment developed from NIST 800-171 controls every three years. These DIB companies, known as Organizations Seeking Certification or OSCs, will contract with a C3PAO who will provide the assessment service.
C3PAOs will be authorized by the Cyber AB to perform official CMMC assessments once the DoD rulemaking process is complete. Prior to the completion of rulemaking, OSCs who desire an assessment can request a Joint Surveillance Voluntary Assessment (JSVA), which is conducted by a C3PAO and the DIBCAC. C3PAOs are also well-positioned to provide consulting services to OSCs, though they cannot provide consulting services and assessment services to the same customer.
Regola Cyber’s assessment team is composed of CMMC Certified Assessors degreed in computer science who have decades of experience working for DIB companies. President Nathan Regola said, “We are pleased to support national security as the newest authorized C3PAO and will bring our cybersecurity expertise to every engagement as a C3PAO.”
Regola Consulting, Inc. dba Regola Cyber is an Authorized C3PAO.