CISO Global’s TalaTek Achieves C3PAO Status from the CyberAB, Empowering Cybersecurity Compliance Leadership Across the Defense Industrial Base

Rhea-AI Summary

CISO Global (NASDAQ: CISO) announced on November 18, 2025 that its TalaTek subsidiary achieved C3PAO designation under the CMMC program. The designation expands the company’s ability to provide certified third-party assessments to defense contractors and suppliers across the Defense Industrial Base (DIB).

TalaTek previously held FedRAMP 3PAO status since 2014, and CISO Global says the combined capabilities will support CMMC assessments, readiness consulting, FedRAMP advisory and independent assessments, continuous monitoring, and policy and compliance strategy services.

Positive

• C3PAO designation granted on November 18, 2025
• FedRAMP 3PAO status maintained since 2014
• Supports CMMC assessments for Defense Industrial Base contractors
• Offers combined GRC, continuous monitoring, and advisory services

Negative

• None.

Insights

Cybersecurity Compliance Strategist

C3PAO designation extends TalaTek's assessment authority and strengthens its market access into the Defense Industrial Base.

CISO Global's TalaTek gains formal C3PAO status under the CMMC program on Nov. 18, 2025, enabling it to perform certified third-party assessments for defense contractors. This builds on its existing FedRAMP 3PAO history since 2014, aligning its advisory and assessment offerings with an explicit DoD compliance pathway. The company lists CMMC assessments, FedRAMP advisory, continuous monitoring, and policy development among its services.

The business effect is straightforward: the designation authorizes fee-for-service assessments tied to a regulated compliance requirement, which can convert advisory relationships into certified assessment engagements. Key dependencies include maintaining C3PAO accreditation, client demand from the Defense Industrial Base, and operational capacity to deliver independent assessments at scale. Watch for contracting wins and published assessment engagements in the next 6–18 months as indicators of revenue conversion; also monitor any changes to CMMC program rules that would affect assessor roles.

Scottsdale, AZ, Nov. 18, 2025 (GLOBE NEWSWIRE) -- CISO Global (NASDAQ: CISO), a leading provider of AI-powered cybersecurity software and compliance services, today announced its designation as a Certified Third-Party Assessment Organization (C3PAO) under the Cybersecurity Maturity Model Certification (CMMC) program. This milestone reinforces the Company’s long-standing commitment to delivering exceptional compliance and risk management services to organizations across regulated industries.

Since 2014, TalaTek, a wholly owned subsidiary of CISO Global, has held FedRAMP 3PAO status, providing independent assessments and advisory services to help organizations achieve and maintain compliance with federal security standards. Building on this foundation, the new C3PAO status positions CISO Global to support defense contractors and suppliers in meeting the stringent requirements of the Department of Defense’s CMMC framework: a mission-critical component for safeguarding the Defense Industrial Base (DIB) and protecting national security.

“Achieving C3PAO status is a natural extension of our mission to help organizations manage risk and maintain trust,” said David Jemmett, CEO of CISO Global. “Our proven expertise in advisory services and continuous monitoring ensures that clients not only achieve compliance but sustain it in an ever-evolving threat landscape. This is especially vital for the DIB, where cybersecurity resilience directly impacts the integrity of our nation’s defense supply chain.”

CISO Global’s TalaTek combines deep regulatory knowledge with advanced cybersecurity solutions, offering a comprehensive approach to governance, risk, and compliance. The company’s GRC services include:

• CMMC Assessments and Readiness Consulting
• FedRAMP Advisory and Independent Assessments
• Continuous Monitoring and Risk Management
• Policy Development and Compliance Strategy

For more information about CISO Global’s C3PAO services, visit https://www.ciso.inc/capabilities/strategy-risk-solutions/

About CISO Global

CISO Global, Inc. (NASDAQ: CISO), headquartered in Scottsdale, Arizona, is an industry leader in AI-powered cybersecurity software, managed cybersecurity, and compliance that delivers comprehensive solutions designed to protect organizations from the latest cyber threats. The company protects the most demanding businesses and government organizations against continuing and emerging security threats and ensures their compliance obligations are being met. For more information about the company, visit ciso.inc; see the following link to join the investor relations email alerts.    

Safe Harbor Statement  

This news release contains certain statements that may be deemed to be forward-looking statements under federal securities laws, and we intend that such forward-looking statements be subject to the safe harbor created thereby. Such forward-looking statements include, among others, our belief that we are an industry leader in AI-powered cybersecurity software and compliance services; our belief that receiving the C3PAO designation reinforces our commitment to deliver compliance and risk management services; our expectation that the C3PAO status positions us to support defense contractors and suppliers in meeting the stringent requirements of the Department of Defense’s CMMC framework; our belief that our advisory services and continuous monitoring ensure that clients achieve and sustain compliance; our belief that cybersecurity is vital for the defense supply chain of our nation; and our belief that we provide comprehensive cybersecurity solutions to our clients and are a profitable, resilient, and trusted enterprise. These statements are often, but not always, made through the use of words or phrases such as "believes," "expects," "anticipates," "intends," "estimates," “predict,” "plan," “project,” “continuing,” “ongoing,” “potential,” “opportunity,” "will," "may," "look forward," "guidance," "future" or similar words or phrases. These statements reflect our current views, expectations, and beliefs concerning future events and are subject to substantial risks, uncertainties, and other factors that could cause actual results to differ materially from those reflected by such forward-looking statements. These risks may be detailed from time to time in the reports filed with the Securities and Exchange Commission, including the Annual Report on Form 10-K for the fiscal year ended December 31, 2024. You should not place undue reliance on any forward-looking statements, which speak only as of the date they are made. Except as required by law, we assume no obligation and do not intend to update any forward-looking statements, whether as a result of new information, future developments, or otherwise.

For Media Inquiries:   
Hilary Meyers   
hilary.meyers@ciso.inc
(480) 389-3444   

FAQ

What did CISO (NASDAQ: CISO) announce on November 18, 2025?

CISO announced that subsidiary TalaTek achieved C3PAO designation under the CMMC program.

How does TalaTek’s C3PAO status affect CISO’s services for defense contractors?

The C3PAO status enables CISO to perform certified CMMC assessments and readiness consulting for DIB contractors and suppliers.

What prior compliance credential does TalaTek hold that supports CISO’s new C3PAO role?

TalaTek has held FedRAMP 3PAO status since 2014, providing federal security assessment experience.

Which services will CISO offer following the C3PAO designation?

CISO will offer CMMC assessments, FedRAMP advisory and independent assessments, continuous monitoring, and compliance policy development.

Why is CISO’s C3PAO designation important for the Defense Industrial Base?

It provides certified third-party assessment capacity to help DIB suppliers meet CMMC requirements that protect defense supply chain security.