Cloud security provider Zscaler, Inc., has secured Level 2 certification under the U.S. Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) framework.
The company said on May 21 that the Level 2 certification puts Zscaler “at the forefront of Security SaaS companies attempting to reach this critical milestone, further cementing the company’s leadership role in delivering trusted, compliant, cloud-native Zero Trust cybersecurity solutions protecting government and defense environments.”
The Pentagon in October 2024 released its final rule for the CMMC program that requires Defense Industrial Base (DIB) contractors and subcontractors to implement necessary security measures for Federal contract information and to introduce new security requirements for controlled unclassified information related to specific priority programs.
CMMC has yet to be fully implemented in DoD contracts. After several revisions and lengthy delays, DoD is aiming to enforce the new requirements by mid-year 2025.
“Achieving CMMC compliance is essential for contractors to demonstrate not only their defense contract eligibility but more importantly their ability to protect sensitive information critical to the U.S. National Defense Strategy (NDS),” Zscaler said.
The company explained that it achieved the CMMC Level 2 certification “by implementing a Zero Trust Architecture, powered by Zscaler Internet Access™ (ZIA™) and Zscaler Private Access™ (ZPA™), both of which are FedRAMP authorized.”
“With this industry-first certification, Zscaler helps customers integrate cybersecurity and compliance seamlessly into their operations, reducing the need to manage disparate systems, accelerating their momentum to meeting CMMC and other compliance requirements,” the company said.
“Compliance is the foundation and the floor, not the ceiling,” commented Kumar Selvaraj, Zscaler’s VP of Global Security Compliance.
“Considering this, DoD’s CMMC mandate aims to solidify the cybersecurity and compliance foundation for government contractors and their supply chains,” Selvaraj said. “Zscaler consolidates, enhances and simplifies these cybersecurity and compliance requirements, helping to expedite CMMC compliance adoption and protect against data exploitation.”