CMMC

Q&A with Sera-Brynn on the DoD Interim Rule, SPRS, and the November 30 Deadline that Isn’t Really a Deadline.

On September 29, 2020, the Department of Defense (DoD) released an interim rule to begin the implementation of its Cybersecurity Maturity Model Certification (CMMC) framework. The majority of the interim rule focuses on new requirements for confirming that contractors are currently in compliance the 110 security controls of National Institute of Standards and Technology (NIST)… Read more »

Using NIST SP 800-171A to Perform Self-Assessments and Scoring under the New DFARS Cybersecurity Rule

You are probably well aware at this point that the Department of Defense has published new (interim) cybersecurity rules (effective November 30, 2020). Much of the press around this announcement has been about the Cybersecurity Maturity Model Certification (CMMC). However, it is unknown when and to whom CMMC will apply over the next five years…. Read more »

DoD Now to Require Cybersecurity Self-Assessments with New DFARS Rule

On September 29, 2020, the Department of Defense (DoD) issued an  interim rule to amend the Defense Federal Acquisition Regulation Supplement (DFARS). The interim rule implements the Cybersecurity Maturity Model Certification (CMMC) program. The rule introduces a new construct: the DoD Assessment Methodology.  Before contracts undergo a full CMMC review, this new construct will serve as… Read more »

CMMC Cometh

Tomorrow, September 29, 2020, the Department of Defense anticipates issuing an interim rule to amend the Defense Federal Acquisition Regulation Supplement (DFARS) to implement a DoD Assessment Methodology and Cybersecurity Maturity Model Certification framework in order to assess contractor implementation of cybersecurity requirements and enhance the protection of unclassified information within the DoD supply chain…. Read more »

ICYMI: Sera-Brynn/MISI webinar: “How the DIB is Moving Towards CMMC” (June 17, 2020)

Today, Colin Glover of Sera-Brynn joined Armando Sey of the Maryland Innovation & Security Institute (MISI) for a presentation and Q&A session centered on the current state of the defense industrial base’s implementation of NIST-based cybersecurity standards. Highlighted was Sera-Brynn’s report, “Reality Check: Defense Industry’s Implementation of NIST SP 800-171. Keen insights from certified cybersecurity… Read more »

ICYMI: Sera-Brynn’s Latest CMMC Webinar Now on Demand: “Configuration Management for Small Businesses Preparing for CMMC”

On March 26, 2020, Sera-Brynn held the first of its new webinar series on the Department of Defense’s most recent version of the Cybersecurity Maturity Model Certification (CMMC) framework. In case you missed it, we have made the webinar recording available on our YouTube channel. Our speakers, Colin Glover and Alexy Johnson, represented Sera-Brynn’s cybersecurity… Read more »

CMMC Model 1.0 Released: DoD’s unified cybersecurity standard for future acquisitions

In a major effort to strengthen the cybersecurity posture of the hundred of thousands of Defense Industrial Base (DIB) subcontractors, the Department of Defense today released final Model Version 1.0 of the Cybersecurity Maturity Model Certification (CMMC) framework. This version replaces previously released versions 0.4, 0.6, and 0.7, which have been made available to the… Read more »

Getting Ready for CMMC | Recommended Resources and Links

The Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) program will be a new contractual requirement for all DoD contractors. It will impact the 300,000 firms that make up the defense industrial base.  It will not be a self-attestation model, but rather a third-party certification and compliance model. In 2020, the DoD plans to finalize… Read more »

Cybersecurity Maturity Model Certification (CMMC) Version 0.7 Arrives!

  The Cybersecurity Maturity Model Certification (CMMC) Draft Version 0.7 is live and available here. Version 0.7 includes Level 4-5 practices and modifies some maturity processes and Level 1-3 practices. This draft is another step closer to the final version — CMMC 1.0. The CMMC will be a new contractual requirement for all DoD contractors. … Read more »