SECURITY REGULATIONS
What ’ s The Secret To Bringing The Best Value To Your Clients ?
WITH MATT KATZER , CEO OF KAMIND IT
Compliance will become mandatory for all businesses in 18 – 24 months , and Matt Katzer , CEO of KAMIND IT , introduces a new strategy that helps organizations grow their business and add value to clients amidst increasing security regulations .
In 2017 , the United States Department of Defense ( DoD ) introduced a new security standard called NIST 800-171 . It deals with the handling of CUI ( controlled unclassified information ) that applies to all contractors and subcontractors of the DoD . A few years later , in 2020 , the DoD released the Cybersecurity Maturity Model Certification ( CMMC ) to enforce the new standard .
Any contractors who don ’ t meet these standards by 2025 , the DoD says , must forfeit their contracts . Matt Katzer knew that the CMMC was going to be a game-changer , so he decided to do something different . He realigned his business strategy in a way that would bring even more value to his clients .
“ I knew CMMC would affect a portion of my clients at KAMIND IT , about 10 %,” says Matt . “ However , instead of limiting CMMC to those clients , we chose to deploy a new strategy . We applied the CMMC security model to all our clients and treated security management and compliance as a continuous process .” The result was added value for KAMIND ’ s clients in terms of increased responsiveness , better education , holistic protection , and lower costs .
THERE ARE MORE DEMANDS FOR CYBERSECURITY STANDARDS THAN EVER BEFORE
When Matt worked at Intel Corporation , he was known for discerning new trends . “ I ’ m able to look at data points and say ,
‘ If we need to be here , we must do X , or we need to head in this direction ,’” says Matt . “ In terms of cybersecurity , there have been a few key factors that show which way the industry is trending . CMMC was one inflection point . Another inflection point occurred when the Biden administration announced an executive order .”
In May 2021 , Biden announced Executive Order 14028 , “ Improving the Nation ’ s Cybersecurity ,” which seeks to , among other things , implement stronger security standards in the federal government . Matt points out that the federal government isn ’ t the only institution pushing for strong regulations . Cybersecurity insurance companies are asking questions like “ Have you deployed multifactor authentication ?” and “ Have you deployed security standards ?” before they issue policies . Some are even demanding official accreditation . At the state level , governments are trying to decide what standards to implement . All eyes are on states like New York , which released a set of new cybersecurity regulations under 23 NYCRR 500 and is putting ubiquitous standards in place .
“ There are many companies , including our clients , that are saying that if you want to do business with us , you ’ re going to have to be at this level of maturity ,” says Matt . “ We recognize that compliance is going to be required , and we better be ready .”
For many businesses , prior to 2017 , cybersecurity was an afterthought . However , in 18 – 24 months , Matt points out , businesses will need to prove they are meeting some minimum standard . “ Now we are in the stage where people are demanding proof that you ’ re doing what you said you ’ re doing ,” says Matt . “ It ’ s no longer acceptable to attest to something . . . you now have to prove it .” If businesses can ’ t provide evidence and data to prove they ’ re meeting compliance
22 | MSPSUCCESS . COM