VIRTUAL OPTION - Demystifying CMMC: Strategies for Compliance & Certification

Date and time

-

Location

Online

Organizer

Jessica Kilpatrick
jykilpat@Central.UH.EDU

Host organization

APEX Accelerator

Type of event

Resource Partner event

Event description

The Department of Defense (DoD) has established stringent cybersecurity requirements for all its contracts. Soon, these requirements will extend to include the Cybersecurity Maturity Model Certification (CMMC) Final Rule, a rigorous third-party assessment designed to ensure that defense contractors and subcontractors possess the capabilities to safeguard sensitive unclassified information.

Given the escalating threat landscape with adversaries launching cyberattacks, the DoD now mandates that companies within the Defense Industrial Base (DIB) report their current cybersecurity compliance status through the DoD Supplier Performance Risk System (SPRS). Consequently, DIB companies have received letters from the DoD or their prime contractors seeking information about their compliance and future certification status.

Our workshop comprises two comprehensive sessions, followed by a dedicated Q&A. Session 1 will provide an overview of the CMMC Program Final Rule, the current DoD cybersecurity requirements, and a typical journey toward compliance. Session 2 will delve into the specific cybersecurity requirements across the 14 domains. We will also share strategies for compliance and for preparing for the assessments.

Note: This workshop is designed for individuals and entities with a limited understanding of the CMMC Program Final Rule and its implications.

Agenda:

  • SBDC – Small Business Development Center:
    • Kim Way - Houston Center, Program Director
    • Robert Johnson - Director, SBDC Vision2Venture Program
  • Introduction/Opening Remarks – Tim Healy, Program Director - UH APEX Accelerator
  • In this workshop, we will cover the following:
    Session 1: Executive Overview of CMMC Program

    • Overview of CMMC Program
    • Overview of the existing DoD cybersecurity requirements landscape
    • Understand what sensitive unclassified information means and how to categorize it
    • Overview of a typical CMMC certification journey

    Session 2: Cybersecurity Compliance and CMMC Certification

    • Overview of the 14 cybersecurity domains based on NIST 800-171 Rev. 2 cybersecurity requirements
    • Know where you are now and understand where you need to be
    • Discuss how to find certified professionals and assessors to help with Level 1 and Level 2
    • Discuss strategies to comply with CMMC Level 2 and cost factors
  • Q&A