ISACA offers much more than moment-in-time learning resources. We are here to open the door to new professional pathways and serve as an ongoing career partner for our members as they keep pace with rapid technological change.
One of the largest milestones in ISACA’s proud, 55-plus year history will help ISACA do exactly that. The Cybersecurity Maturity Model Certification (CMMC) program, for which ISACA recently became the CMMC Assessor and Instructor Certification Organization (CAICO), provides another valuable avenue through which our professional community can grow their careers. As the CAICO, ISACA will manage the training, examination and professional certification for individuals throughout the CMMC ecosystem. This designation is reflective of the immense trust placed in our association to play a leading role in strengthening the cybersecurity workforce by helping members of the Defense Industrial Base (DIB) secure some of the most sensitive information on the planet.
While CMMC is a program within the US Department of Defense, the program has widespread relevance, recognition and value throughout the world. The DIB includes organizations within more than 50 countries that are embedded in global defense and technology supply chains. Providing these organizations with the knowledge to sharpen their cybersecurity capabilities makes the reach and impact of the program reverberate well beyond the US. Additionally, although CMMC focuses on the DIB, its rigorous cybersecurity standards are broadly applicable to other industries, meaning credential-holders can apply this expertise and credibility to any industry or path that their career takes. “CMMC can go beyond the defense industrial base and be embraced as a cybersecurity framework for many other industries across the economy,” noted Chris Dimitriadis, ISACA’s chief global strategy officer, in a recent interview with IT Wire.
In our CAICO role, ISACA will administer credential programs for CMMC Certified Professional (CCP), CMMC Certified Assessor (CCA) and CMMC Certified Instructor (CCI), as well as Lead CCA designation. These credentials provide ISACA members with the opportunity to grow their careers as part of the expansive CMMC ecosystem, building capability both for themselves and their organizations. As Todd Gagnon, director of the CAICO, wrote in Real Clear Defense, “CMMC is not a pilot effort or a niche compliance regime. More than 200,000 organizations—domestic and international—support the Department of Defense, and once the program is fully operational, nearly 120,000 contractors will require Level 2 certification. Because certifications must be renewed every three years, roughly 40,000 third-party assessments will be required annually. Without a sufficiently large, trained, and trusted assessor workforce, CMMC risks becoming a bottleneck rather than an enabler of cyber resilience.”
This new role also strengthens ISACA’s recognition and standing in the global cybersecurity community, making the entirety of our credentialing portfolio and the overall affiliation with ISACA all the more resonant for our professional community. As strong of a global footprint as ISACA already has – with our 195,000-plus members and presence in more than 190 countries – this new role as CAICO will place ISACA on the radar of thousands of new professionals who will further enhance our professional community. In the coming years, by applying our time-tested certification expertise to this program, we will accelerate development of the CMMC workforce, strengthen the cybersecurity workforce as a whole and continue growing our association so that we can make additional investments in the resources our members need to be at their best.
ISACA’s vision statement calls for championing a workforce committed to advancing trust in technology. We live up to this vision in many ways, including by providing world-class learning resources for our members and the unmatched network that professionals need to advance their careers. Our CAICO status with the CMMC program elevates ISACA in both of these areas, putting us in even stronger position to support our members and to shape a more trustworthy digital ecosystem.
I encourage you to learn more about the CMMC program and ISACA’s role in it through a set of frequently asked questions on our website, as well as in our webinar, CMMC: Requirements, Roles, and Professional Credentials, on 12 March. In the meantime, I encourage our entire community to continue spreading the word about this important step forward for ISACA members and the cybersecurity workforce.
