Castellum, Inc. Achieves CMMC Level 2 Certification (C3PAO)

•

Castellum, Inc. (NYSE-American: CTM) said it has achieved Cybersecurity Maturity Model Certification (CMMC) Level 2 following a comprehensive assessment by an accredited Certified Third-Party Assessment Organization (C3PAO). The company said the certification confirms that Castellum and all of its subsidiaries meet the cybersecurity requirements needed to protect Controlled Unclassified Information (CUI) in support of U.S. Department of Defense (DoD) programs.

Certification details and what it enables

Castellum said CMMC Level 2 positions it to support DoD programs that require protection of CUI, respond to requests for proposals requiring CMMC Level 2, and strengthen partnerships with prime and subcontractor partners. The company also said the certification provides validated cybersecurity maturity for customers and stakeholders and supports a security culture aligned with DoD expectations.

Assessment results cited by the company

In remarks on the certification, Chief Operating Officer Drew Merriman said Castellum met all 110 controls and 320 objectives of the Level 2 framework with no open Plan of Action and Milestones, and received a perfect 110 score.

“Achieving CMMC Level 2 certification is a significant milestone for our organization,” Merriman said. “We met all 110 controls and 320 objectives of the Level 2 framework with no open Plan of Action and Milestones and a perfect 110 score.”

Merriman added that the company has implemented a step-by-step technical roadmap to prioritize milestones for continued growth. He said that with CMMC complete, the next action on the roadmap is an overhaul and redesign of the company’s website, which it expects to launch during the second quarter.

Management commentary

President and CEO Glen Ives said CMMC validates the company’s capabilities and discipline in protecting sensitive information. He also said Castellum is complementing internal efforts with support from its new Investor Relations partner, The Equity Group, as it increases focus on customer and investor engagement.

Ives said, “CMMC is a strong validation of our capabilities and the discipline we bring to protecting sensitive information.”

Background on Castellum

Castellum, Inc. is a technology company focused on using information technology to address national security challenges. The company provides U.S. government and commercial clients with cybersecurity, software development, systems engineering, information/electronic warfare, program support, and data analytics services. It also offers expertise in artificial intelligence/machine learning, 5G technologies, model-based systems engineering, program management, information assurance, intelligence analysis, and CMMC compliance.

The company said it continues to enhance its organic capabilities and is executing strategic acquisitions of firms aligned with its national security focus.

Forward-looking statements

The company said the release includes forward-looking statements under U.S. securities laws, including statements about expectations for future revenue growth, new customer opportunities, improvements to cost structure, and profitability. It noted that such statements are subject to risks and uncertainties that could cause actual results to differ, including competition, integration and growth of acquired companies, acquisition opportunities, potential delays related to the U.S. federal budget process, and maintaining listing of its common stock on the NYSE American LLC. The company directed readers to its filings with the U.S. Securities and Exchange Commission for additional risk factors.