My Profile   |   Contact Us   |   Sign In   |   Register
WIPP In Action
Blog Home All Blogs
Search all posts for:   

 

View all (50) posts »
 

The Ugly Truth About the Cybersecurity Maturity Model Certification (CMMC)

Posted By Angela Dingle, President & CEO, Ex Nihilo; WIPP Board of Directors, Chair, Monday, January 27, 2020

WIPP was one of the first small business organizations to raise the red flag on the compliance standards lying in wait for not only Defense Department prime contractors, but also the thousands of subcontractors in the industrial base, as the Cybersecurity Maturity Model Certification (CMMC) began to roll out at its various agencies. 
Angela Dingle
The intent of the CMMC is to combine various cybersecurity control standards such as National Institute of Standards and Technology Special Publication 800-171, NIST SP 800-53, ISO 27001, ISO 27032, AIA NAS9933 and others into one unified standard for cybersecurity. Much like the Capability Maturity Model Integrated (CMMI), the CMMC is designed to measure the maturity of a company’s institutionalization of cybersecurity practices and processes. It will consist of five levels. 
 
All DOD contractors will be required to achieve a Level 1 certification, as reported in Bloomberg Government. Contractors that handle sensitive information up to classified data will be required to achieve a Level 5 certification. In the future, contractors that lack the desired CMMC level will become ineligible to compete for certain contracts and task orders.
 
Join us next month on February 18 for our first WIPP Member Webinar of the year, “The Ugly Truth About CMMC,” which will be a deeper dive into how CMMC will affect your business in the future, strategies for compliance, and how to manage the cost of implementation.

 

Tuesday, February 18 
2 PM ET / 1 PM ET / 11 AM PT
Register Today

 

Free to WIPP Members / $25 for Non-Members

 



This is a guest blog post from Ex Nihilo, a WIPP Member business. 
Ex Nihilio
Since 2002, Ex Nihilo has been a trusted advisor in the public and private sector, providing objective IT governance, risk management, and compliance services based on a thorough understanding of customer requirements and deep systems integration experience.

Tags:  cybersecurity  guest post  regulatory 

Share |
Permalink | Comments (0)
 
more Calendar

3/4/2020
WIPP Community Connections - March 2020

3/11/2020
WIPP Policy Update - March 2020

4/8/2020
WIPP Policy Update - April 2020

5/13/2020
WIPP Policy Update - May 2020

6/10/2020
WIPP Policy Update - June 2020

Featured Members
Amina ElgouacemPresident, NEOSTEK, Inc., Arlington, VA — January 2020 Member Spotlight
Karen R. Jenkins (Robinson)President & CEO, KRJ Consulting, LLC, Columbia, SC — February 2020 Member Spotlight

Privacy Policy / Disclaimer    |    © WIPP  |    888-488-WIPP

Association Management Software Powered by YourMembership  ::  Legal