Cybersecurity Maturity Model Certification (CMMC)

  • Room: Lamar A
Monday, May 09, 2022: 1:00 PM - 2:00 PM

Speaker(s)

Speaker (confirmed)
Dan Turissini
Chair
AFCEA Homeland Security Committee

Description

Over the past 20 plus years Information Security, Information Assurance and now Cyber Security have increasingly become an exercise in managing risk to the point of almost abandoning mitigating vulnerabilities. Relying organizations & consulting professionals have focused on using legacy techniques & stacking redundant symmetric authentication factors to avoid meaningful change. 

Security by obscurity, that has failed in the past, has once again become good enough to satisfy risk management objectives. The result is that we continue to conduct business online without confidence that the online credentials being used are accurately associated with a specific entity. We still offer little or no mechanism to confidently know the difference between legitimate & illegitimate parties/ entities transacting - while agreeing that they are the largest vulnerability. “On the Internet, nobody knows you’re a dog”, (Peter Steiner has been reproduced from page 61 of July 5, 1993 issue of The New Yorker, (Vol.69 (LXIX) no. 20) only for academic discussion, evaluation, research and complies with the copyright law of the United States as defined and stipulated under Title 17 U. S. Code)



The Cybersecurity Maturity Model Certification (CMMC) offers a consistentroadmap for the Defense Industrial Base (DIB), and beyond, to mature it overall Cybersecurity capabilities in a proactive way in order to enhance their business case, protect their brand, while protecting our Nation’s Economy and Security. 

This session will challenge the DIB and the Department (and associated supply chain) to “move forward” by embracing the CMMC and provide some incremental actions that can be taken to make this journey and integrated business initiative. This is particularly important doing business under a lowest price technically acceptable source selection process. 

The presentation will provide an overview of CMMC and provide guidance, particularly for Small and Medium size businesses that desire to do, or continue to do, business with the Department.

  
Track(s)

  
  

  
Handout(s)

  





Sponsored by


Approved for 1 CompTIA CEU: A+, Network+, Security+, Linux+, Cloud+, CySA+, and CASP+; 1 GIAC CPE; 1 CertNexus CFR