Sum IT Up: CMMC News Roundup

CMMC Pathfinder Tool | In 5 minutes or less, this free tool will give you a clear path from where you are now to CMMC confidence: https://www.summit7.us/pathfinder

Yet another report analyzing defense contractor cybersecurity and compliance with DFARS contract clauses has found that adoption remains low. Even when companies are aware of their obligations, believe that CMMC will happen in 2024, and support minimum requirements there is no guarantee that implementation will happen. This week we dive into why that might be.

The Cyber AB is back with their monthly Town Hall meeting. This week we dive into the current status of the CMMC Program, the last checklist item before official L2 certification announcements, and more.

Register for CS2 Reston: https://cs2.cloud/reston - Use code SUMITUPRESTON for listener discount

Pathfinder 101: https://www.summit7.us/pathfinder

Pathfinder Demo: https://youtu.be/JiDTCchfCa0?si=JJFplxSfvkaRVhRo

AB Town Halls: https://cyberab.org/News-Events/Town-Halls/Details/february-town-hall

“Freeze” Memo: https://youtu.be/L6FUBpogntM?si=0blDfn4tj3E6y_hC

The DoD Inspector General's report on the C3PAO authorization process is out and people haven't been shy with their takes on the findings. This week we dive into the first set of recommendations to see if there really is a smoking gun. We think you'll be surprised at the disparity between the headlines and what the report actually says.

Register for CS2 Reston: https://cs2.cloud/reston

Pathfinder 101: https://www.summit7.us/pathfinder

Pathfinder Demo: https://youtu.be/JiDTCchfCa0?si=JJFplxSfvkaRVhRo

DoD IG report: https://www.dodig.mil/reports.html/Article/4028189/audit-of-the-dods-process-for-authorizing-third-party-organizations-to-perform/

If you haven't caught a Cyber AB Town Hall lately, then you're missing out on valuable information. This week we give our take on the AB's rulemaking timeline, what the FY25 NDAA says about CMMC, the upcoming DoD IG report on the Cyber AB, and more!

Cyber AB Town Halls: https://cyberab.org/News-Events/Town-Halls

Secure the DIB replay: https://www.summit7.us/securethedib

Register for Secure the DIB: Summer Camp for FREE here: https://www.securethedib.us/

You're not crazy. According to a new inspector general report the federal CUI Program has been in hibernation for the last few years. But the story goes much deeper than run-of-the-mill findings. Desperately overworked civil servants, stubbornly non-compliant federal agencies, the lofty heights of the National Security Council, and even rumors of a new CUI executive order. This story might seem a world away from the day-to-day concerns of defense contractors, but what happens on top of the mountain inevitably rolls downhill.

ISOO IG Report: https://naraoig.oversight.gov/reports/audit/audit-naras-information-security-oversight-office

History of CMMC (2010 – 2020): https://youtu.be/jbY2irZ1ePg?si=bGiInfLCpr-WFvcF