(Baltimore, MD, September 10, 2020) The Cybersecurity Maturity Model Certification Accreditation Body (CMMC-AB), which serves as the authorized training, credentialing and accreditation ecosystem for CMMC, has just named the first 11 LPPs - Licensed Partner Publishers - to join the CMMC-AB ecosystem. “This is just the first wave of organizations that will support the certification process with training curricula. This is exciting for us because we now have partners that are in this with us together and can help us scale to meet demand” stated Ben Tchoubineh, Director, CMMC-AB Board of Directors, Chair, Training Committee.
The following companies were in the first cohort of LPPs:
- Captiva Solutions, LLC
- Celerium, Inc
- Community Colleges of Spokane, Corporate & Continuing Education
- Cyber Soldier, Inc
- Data Intelligence Technologies, Inc
- Edwards Performance Solutions
- Holistic Information Security Practitioner Institute (HISPI)
- Infosec Institute, Inc
- Logical Operations
- Precision Execution LLC
The qualifiers to become an accredited LPP are: at least 200 hours of published coursework/curriculum in technology, cybersecurity, auditing or similar content, at least 2 years of publishing history of content in technology, cybersecurity, auditing or similar, and at least 3 suitable client references. In order to become certified, the LPPs must sign the Code of Professional Conduct, sign the LPP License Agreement, pay the application/acceptance fee, and be subject to an Organizational Background Check through Dun & Bradstreet and have a DUNS number.
Over the next few months, the LPPs will take the exam objectives that are being developed by the CMMC-AB and create educational curricula that map back to those objectives to help assessors and others meet them. The LPPs will have the option and flexibility to create content in multiple formats: video, print publication, e-books, instructor-led synchronous learning, and/or guided self-paced on-demand asynchronous learning.
Tchoubineh went on to state that “Once the LPPs develop the content, we are going to have an independent third-party quality assurance organization ensure the content meets exam objectives and usability standards. Once it does, we will formally approve the specific training content and add it to the list of Certified CMMC-AB Curricula.” The certified curricula will be advertised and available on the CMMC-AB website.
Now that LPPs are being added to the ecosystem, the CMMC-AB is currently in the process of selecting an exam agency that will deliver the exams, as well as the quality assurance agency. The next step will be to start approving and bringing on the Licensed Training Providers (LTPs) that will be responsible for delivering the certified courses to the public.
Tchoubineh stated, “ We have been working really hard to develop this framework, and build it from an idea into something real. CMMC has a huge potential to positively impact the world in that it will improve, finally after all these decades, the security posture of so many organizations doing work of great national security significance.”
He continued on to say, “The power of CMMC, the reason that CMMC is different, is that it is a maturity model. There are five levels of maturity, and the level of security that is appropriate for a contractor is dependent upon the specific work they are doing within the DoD. There has never been anything like this in the cybersecurity world. Organizations will be more secure, but one size does not fit all. The architecture we have been building is finally becoming a reality.”