Redspin, a Division of CynergisTek, Announces Approval to Perform Work for 300,000 Suppliers to the Defense Industrial Base Significantly Expanding Addressable Market

Rhea-AI Summary

CynergisTek (NYSE AMERICAN: CTEK) announced that its division, Redspin, received approval from the Cybersecurity Maturity Model Certification Accreditation Body (CMMC-AB) to conduct CMMC assessments as a C3PAO and offer pre-assessment security consulting as an RPO. This aligns with the U.S. Department of Defense's initiative requiring third-party cybersecurity assessments for contractors. Redspin is among the first to provide these services, enhancing its market position and expanding its addressable market.

Positive

• Redspin approved as C3PAO to conduct CMMC assessments, positioning CynergisTek to meet DoD compliance requirements.
• Expansion into the cybersecurity assessment market aligns with CynergisTek's growth strategy, increasing total addressable market.

Negative

• None.

CynergisTek, (NYSE AMERICAN: CTEK), a leading cybersecurity firm helping organizations in highly regulated industries navigate emerging security and privacy issues, today announced that Redspin, a division of CynergisTek, received approval from the Cybersecurity Maturity Model Certification Accreditation Body (CMMC-AB) to perform CMMC assessments as a C3PAO and to perform pre-assessment security consulting as a RPO.

The United States Department of Defense (DoD) is the first government agency to require third party cyber security assessments of contractors with access to controlled unclassified information. This is part of a broad effort from the DoD to reduce the estimated $600 billion in cybercrime losses impacting the nation’s military supply chain every year. In a phased rollout, 300,000 Defense Industrial Base (DIB) contractors will be required to meet varying levels of CMMC certification as a requirement for the DoD to award a contract. As one of only a handful of C3PAO organizations approved today, Redspin is authorized to perform Levels 1-3 CMMC assessments as part of the provisional program defined by the CMMC-AB.

CMMC is based on U.S. federal acquisition rule (48 FAR 52.204-21) mandating implementation of basic safeguarding requirements and the DoD federal acquisition rules (DFARS 252.204-70xx Series) to protect Controlled Unclassified Information. These regulations are similar to those governing HIPAA and PHI in healthcare, and based on NIST Special Publication 800-171, which is similar and complementary to the assessment, consulting, and remediation work that CynergisTek provides today.

“Offering our expertise to the DoD as a C3PAO and RPO is a natural progression, evolving our healthcare practice and knowledge to address the needs and high demand in adjacent markets. For example, many of our academic medical center clients need to comply with CMMC. As a result, Redspin is proud to be one of the organizations having one of the first one hundred CMMC-trained assessors on staff,” says Caleb Barlow, CEO and president at CynergisTek.

Mr. Barlow goes onto say, “We’re honored to be one of the first public companies chosen to help ensure controlled unclassified information flowing down from the DoD to the DIB contractors and their subcontractors is protected. Getting in on the ground level aligns extremely well with our growth strategy and expansion of the Company. It is a simple pivot for us leveraging existing resources, skills, and technology, and dramatically expands our total addressable market.”

About Redspin

Redspin (www.redspin.com), a division of CynergisTek, is a best-in-class cybersecurity company providing security testing, assessments, validation, and consulting services to many Fortune 500 and leading growth companies in highly regulated industries including government, financial, technology, and manufacturing. Redspin helps improve organizations cyber readiness and resiliency through a strategic and proven approach to reduce cyber risks and safeguard sensitive information.

Forward-Looking Statements

This release contains certain forward-looking statements relating to the business of CynergisTek that can be identified by the use of forward-looking terminology such as “believes,” “expects,” “anticipates,” “may” or similar expressions. Such forward-looking statements involve known and unknown risks and uncertainties, including uncertainties relating to product/service development, long and uncertain sales cycles, the ability to obtain or maintain patent or other proprietary intellectual property protection, market acceptance, future capital requirements, competition from other providers, the ability of our vendors to continue supplying the company with equipment, parts, supplies and services at comparable terms and prices and other factors that may cause actual results to be materially different from those described herein as anticipated, believed, estimated or expected. Certain of these risks and uncertainties are or will be described in greater detail in our Form 10-K and Form 10-Q filings with the Securities and Exchange Commission, which are available at http://www.sec.gov. CynergisTek is under no obligation (and expressly disclaims any such obligation) to update or alter its forward-looking statements whether as a result of new information, future events or otherwise.

View source version on businesswire.com: https://www.businesswire.com/news/home/20201217005794/en/

FAQ

What is CynergisTek's new approval related to CMMC?

CynergisTek's division Redspin received approval to conduct CMMC assessments as a C3PAO and offer pre-assessment consulting as an RPO.

How does the CMMC certification impact CynergisTek?

The CMMC certification allows CynergisTek to engage with the Defense Industrial Base, significantly broadening its market reach and service offerings.

What is the significance of the DoD's CMMC requirements?

The DoD requires CMMC certification for contractors to protect controlled unclassified information, addressing significant cybercrime losses.

How will Redspin's approval affect CTEK stock?

The approval potentially enhances investor confidence and market position, which could positively influence CTEK stock performance.

What levels of CMMC assessments can Redspin perform?

Redspin is authorized to conduct Levels 1-3 CMMC assessments as part of the provisional program set by the CMMC-AB.