Exostar Enhances The Exostar Platform’s Onboarding Module to Include Defense Industrial Base’s Cybersecurity Compliance and Risk Assessment
New Capability Eases the Burden for DIB Primes and Suppliers to Request, Complete, and Share Critical Cyber Risk and Compliance Data
HERNDON, VA, March 19, 2024 – Exostar, a leader in trusted, secure business collaboration and NIST 800-171 and CMMC solutions for the aerospace and defense industry, today announced The Exostar Platform’s Onboarding Module now supports the Cybersecurity Compliance and Risk Assessment (CCRA). Prime contractors throughout the Defense Industrial Base (DIB) have begun to use the CCRA to gather cybersecurity information from the companies throughout their global, multi-tiered supply chains to assess compliance, understand and manage risk, and evaluate partnerships.
The CCRA provides a standardized, consistent means for collecting cybersecurity compliance data and calculating supplier risk. It contains a maximum of 60 questions, including inquiries about a subset of controls drawn from the National Institute of Standards and Technology Special Publication 800-171 (NIST 800-171). The CCRA replaces the often proprietary, inconsistent, and outdated questionnaires prime and upstream contractors have used to capture this type of information from their downstream suppliers. Suppliers benefit because they complete the CCRA once and share it with all companies who accept it on a reciprocal basis.
The Exostar Platform’s Onboarding Module, which provides supplier visibility and risk management functionality throughout the relationship life cycle, automates the completion and sharing of the CCRA, adding even greater value. DIB companies no longer need to download and navigate a macro-enabled Excel file to respond to the CCRA and upload a comma-separated value file to export the results. The Onboarding Module delivers a compelling user experience that makes it easy to answer all relevant CCRA questions and forward the output to any organization belonging to Exostar’s community comprised of more than half of all DIB businesses.
Lockheed Martin will rely on the Onboarding Module to help its suppliers transition to the CCRA. As the company states on its web site, “For LM suppliers, the CCRA will significantly reduce the burden and time it takes to complete over the legacy CSQ and NIST Questionnaire. The web-based CCRA will be implemented on Exostar’s Onboarding Module (OBM) and suppliers will be asked to migrate to the CCRA starting 1st Quarter 2024.”
“Although the CCRA doesn’t replace any Department of Defense cybersecurity requirements, its alignment with portions of NIST 800-171 moves companies closer to compliance with that standard and the forthcoming Cybersecurity Maturity Model Certification while simultaneously illuminating supplier risk for primes,” said Vijay Takanti, Exostar’s Senior Vice President of Innovation. “Now, all DIB companies can leverage The Exostar Platform’s Onboarding Module to accelerate CCRA adoption.”
The DIB Sector Coordinating Council’s Supply Chain Cybersecurity Task Force created the CCRA Working Group to develop the CCRA as a common set of security requirements integrated into a single concise format to measure both risk and compliance. Working Group members include Lockheed Martin, RTX, L3Harris, Northrop Grumman, Leidos, Huntington Ingalls Industries, Boeing, BAE Systems, and Rolls-Royce. The National Defense Information Sharing and Analysis Center, the operational and administrative arm of the DIB Sector Coordinating Council, offers more information about the CCRA on its CyberAssist web site.
About Exostar
The Exostar Platform supports exclusive communities within highly regulated industries where organizations securely collaborate, share information, and operate compliantly. Within these communities, we build trust. Over 200,000 companies and agencies in 175 countries trust Exostar to strengthen security, reduce expenditures, raise productivity, and help them achieve their digital transformation initiatives. More than half of the Defense Industrial Base, including 98 of the top 100, transact business over The Exostar Platform. Ten of the top twenty global biopharmaceutical companies rely on The Exostar Platform to help them speed new medicines and therapies to market. Exostar is a Gartner Cool Vendor. For more information, please visit www.exostar.com, and follow Exostar on LinkedIn and X.
Media Contact:
Alan Gilbert
Exostar
(703) 624-4675 (m)
Alan.Gilbert@exostar.com
