SlideShare une entreprise Scribd logo

EPISODE 1 | Security Wars: A New Goal: CMMC Compliance & Department of Defense Data Protection Guide

Rea & Associates
Rea & Associates

Present-day in our galaxy, right here … The US Department of Defense (DoD) recently developed and established the Cybersecurity Maturity Model Certification (CMMC) as the new standard for the Defense Industrial Base (DIB). More plainly, it’s a certification process that provides assurance to the DoD that a required entity is equipped to protect unclassified information, including any data that transfers between its vendors and partners. That’s a simplified definition of what a CMMC and CMMC compliance is and it already sounds complicated. It doesn’t have to be, though. Etactics and Rea & Associates have joined forces to break down every facet of this new certification into a comprehensive webinar series entitled Security Wars. The first webinar in our Security Wars series serves as a necessary introduction to CMMC. Join Matt Moneypenny, senior marketing and sales analyst at Etactics, and Ty Whittenburg, senior information assurance manager at Rea & Associates, as they unpack the DoD’s newest standard by starting with its three maturity levels and their implications on data protection. #SecurityWarsSeries #CMMC #Cybersecurity Learn more about Rea & Associates at https://www.reacpa.com Discover how Etactics can help your business at https://etactics.com/

Business
1  sur  40
Télécharger pour lire hors ligne
Introducing... Ty Whittenburg Sr. Information Assurance Manager Rea & Associates As a Senior Information Assurance Manager and CMMC- Registered Practitioner on Rea’s Cybersecurity team, Ty can be found ensuring organizations technology and networks drive business objectives by identifying potential loss events, reducing their frequency, and loss magnitude. With more than 10 years of industry experience, he is involved with the Central Ohio ISSA, the Greater Ohio FAIR chapter, the Ohio River Valley Cloud Security Alliance, and InfraGard Columbus.
J.P. Cervo Regional Sales Manager Etactics Introducing... Since receiving a B.A. in English from Kent State University, J.P . has accumulated over 10 years of project management and sales experience within the healthcare space. Currently, he is a regional sales manager for Etactics, Inc. and has lead multiple product development efforts including Etactics’ K2 Compliance™ cloud-based governance, risk, and compliance management solution.
J.P. Cervo Regional Sales Manager Etactics Introducing... Since receiving a B.A. in English from Kent State University, J.P . has accumulated over 10 years of project management and sales experience within the healthcare space. Currently, he is a regional sales manager for Etactics, Inc. and has lead multiple product development efforts including Etactics’ K2 Compliance™ cloud-based governance, risk, and compliance management solution. R E C A S T
Matt Moneypenny Senior Marketing & Sales Analyst Etactics Introducing... Matt Moneypenny is the lead Marketing and Sales Analyst at Etactics, a revenue cycle technology company located in Northeast Ohio. Previously, he served as the Senior Content Strategist at an online news source for Amazon’s Twitch Interactive, for three years while attending The University of Akron in pursuit of a Bachelor’s of Business Administration in Marketing Management.
Poll Time! Q: What do you expect to get out of this webinar?
Understanding CMMC If you look at the DOD’s website that explains CMMC...
CMMC In a Nutshell ● Officially published on January 31, 2020 ● It’s a new, unified certification process that provides assurance to the DOD that a required entity is equipped to protect unclassified information, including any data that transfers between its vendors and partners.
Who’s Affected by CMMC? ● Over 300,000 DoD suppliers who deal with Controlled Unclassified Information (CUI) must obtain a certification Small Subcontractors Big Prime
CMMC Important Dates January 2020 DoD introduces Version 1.0 of the CMMC June 2020 Opens registration for C3PAOs and third-party assessors July 2020 DoD to creates and publishes a CMMC training September 2020 Implement CMMC into the DFARS regulation November 2020 Incorporate requirements in Requests for Proposals 2021 - 2026 Implementation of the CMMC through a phased rollout 2026 CMMC certification becomes a requirement
Don’t Delay All new DoD contracts will contain CMMC requirement starting in FY2026
Poll Time! Q: Have you begun preparation for CMMC?
CMMC Timeline
Step 1 Identify desired maturity level you want to be audited for and complete a self-assessment
Step 2 Start drafting a budget for CMMC compliance to include costs for enhancing security requirements, updating policies, leveraging applications, contracting a Registered Provider Organization , and any additional
Step 3 Configure your existing security environment to align to: ● FAR 50. 204-21 ● DFARS 252.204-7012 ● NIST 800-171 Contractors that implement all controls should be able to achieve CMMC Level 3
Step 4 Build a Plan of Action & Milestones (POA&M) to ensure compliance will be achieved in a defined time period.
Step 5 Find an available RPO or C3PAO who will schedule the assessment with the certified independent assessor
Step 6 “6 month waiting period between application and certification” Culture takes time
Estimated Costs of CMMC
CMMC Levels of Maturity 1 2 3 4 5
CMMC Levels of Maturity DoD contractors who wish to pass an audit at this level must implement 17 practices of FAR 52.204-21 Level 1 Demonstrates “Basic Cyber Hygiene”
CMMC Levels of Maturity 1 2 3 4 5
CMMC Levels of Maturity Here, DoD contractors must implement another 55 practices (72 total). Complying w/ FAR & including a select subset of 48 practices from NIST 800-171 rev1 plus seven new practices to support intermediate cyber hygiene. Level 2 Demonstrates “Intermediate Cyber Hygiene”
CMMC Levels of Maturity 1 2 3 4 5
CMMC Levels of Maturity To achieve level 3 certification, the final 58 practices of NIST 800-171 Rev1 plus 20 additional practices to support good cyber hygiene. Level 3 Demonstrates “Good Cyber Hygiene”
CMMC Levels of Maturity 1 2 3 4 5
CMMC Levels of Maturity In addition to the controls in levels 1 through 3, 11 more controls of NIST 800-171 Rev1 plus 22 new practices must be implemented. Level 4 Demonstrates “Proactive Cybersecurity”
CMMC Levels of Maturity 1 2 3 4 5
CMMC Levels of Maturity To achieve this highest level, DoD contractors must implement the final fifteen practices Level 5 Demonstrates “Advanced Cybersecurity”
Poll Time! Q: What Maturity level do you need to achieve?
Any Further Questions?
EPISODE 1 | Security Wars: A New Goal: CMMC Compliance & Department of Defense Data Protection Guide
EPISODE 1 | Security Wars: A New Goal: CMMC Compliance & Department of Defense Data Protection Guide

Recommandé

Importance about do d cyber and cmmc ab at cmmcmarketplace.org
Importance about do d cyber and cmmc ab at cmmcmarketplace.orgImportance about do d cyber and cmmc ab at cmmcmarketplace.org
Importance about do d cyber and cmmc ab at cmmcmarketplace.org
cmmcmarketplace
 
[ON-DEMAND WEBINAR] Security Wars: Episode 2 | CMMC: Return of The Process Fo...
[ON-DEMAND WEBINAR] Security Wars: Episode 2 | CMMC: Return of The Process Fo...[ON-DEMAND WEBINAR] Security Wars: Episode 2 | CMMC: Return of The Process Fo...
[ON-DEMAND WEBINAR] Security Wars: Episode 2 | CMMC: Return of The Process Fo...
Rea & Associates
 
Create Lightning with Lightning & IoT
Create Lightning with Lightning & IoTCreate Lightning with Lightning & IoT
Create Lightning with Lightning & IoT
Salesforce Developers
 
Mela Capital Group Fnma Qc V3
Mela Capital Group Fnma Qc V3Mela Capital Group Fnma Qc V3
Mela Capital Group Fnma Qc V3
Cindi Dixon
 
Mela Capital Group Fnma Qc V2
Mela Capital Group Fnma Qc V2Mela Capital Group Fnma Qc V2
Mela Capital Group Fnma Qc V2
Cindi Dixon
 
CRISC – Certified in Risk & Information Systems Control| Virtual and Classroom
CRISC – Certified in Risk & Information Systems Control| Virtual and ClassroomCRISC – Certified in Risk & Information Systems Control| Virtual and Classroom
CRISC – Certified in Risk & Information Systems Control| Virtual and Classroom
Bharathi Grover
 
Leveraging compliance to raise the bar on security
Leveraging compliance to raise the bar on securityLeveraging compliance to raise the bar on security
Leveraging compliance to raise the bar on security
Mike Lemire
 
How Morgan Stanley is Using Apps to Transform the Workplace
How Morgan Stanley is Using Apps to Transform the WorkplaceHow Morgan Stanley is Using Apps to Transform the Workplace
How Morgan Stanley is Using Apps to Transform the Workplace
Dreamforce
 

Recommandé

Importance about do d cyber and cmmc ab at cmmcmarketplace.org
Importance about do d cyber and cmmc ab at cmmcmarketplace.orgImportance about do d cyber and cmmc ab at cmmcmarketplace.org
Importance about do d cyber and cmmc ab at cmmcmarketplace.org
cmmcmarketplace
 
[ON-DEMAND WEBINAR] Security Wars: Episode 2 | CMMC: Return of The Process Fo...
[ON-DEMAND WEBINAR] Security Wars: Episode 2 | CMMC: Return of The Process Fo...[ON-DEMAND WEBINAR] Security Wars: Episode 2 | CMMC: Return of The Process Fo...
[ON-DEMAND WEBINAR] Security Wars: Episode 2 | CMMC: Return of The Process Fo...
Rea & Associates
 
Create Lightning with Lightning & IoT
Create Lightning with Lightning & IoTCreate Lightning with Lightning & IoT
Create Lightning with Lightning & IoT
Salesforce Developers
 
Mela Capital Group Fnma Qc V3
Mela Capital Group Fnma Qc V3Mela Capital Group Fnma Qc V3
Mela Capital Group Fnma Qc V3
Cindi Dixon
 
Mela Capital Group Fnma Qc V2
Mela Capital Group Fnma Qc V2Mela Capital Group Fnma Qc V2
Mela Capital Group Fnma Qc V2
Cindi Dixon
 
CRISC – Certified in Risk & Information Systems Control| Virtual and Classroom
CRISC – Certified in Risk & Information Systems Control| Virtual and ClassroomCRISC – Certified in Risk & Information Systems Control| Virtual and Classroom
CRISC – Certified in Risk & Information Systems Control| Virtual and Classroom
Bharathi Grover
 
Leveraging compliance to raise the bar on security
Leveraging compliance to raise the bar on securityLeveraging compliance to raise the bar on security
Leveraging compliance to raise the bar on security
Mike Lemire
 
How Morgan Stanley is Using Apps to Transform the Workplace
How Morgan Stanley is Using Apps to Transform the WorkplaceHow Morgan Stanley is Using Apps to Transform the Workplace
How Morgan Stanley is Using Apps to Transform the Workplace
Dreamforce
 
Problem And Purpose Of A Project
Problem And Purpose Of A ProjectProblem And Purpose Of A Project
Problem And Purpose Of A Project
Christina Valadez
 
What's the Difference between GRC and Combined Assurance?
What's the Difference between GRC and Combined Assurance?What's the Difference between GRC and Combined Assurance?
What's the Difference between GRC and Combined Assurance?
Jim Kaplan CIA CFE
 
Description of Methodology
Description of MethodologyDescription of Methodology
Description of Methodology
David Facter
 
Overview of CMMI
Overview of CMMI Overview of CMMI
Overview of CMMI
Certification Consultant
 
Cloud credential council presentation
Cloud credential council presentationCloud credential council presentation
Cloud credential council presentation
shuangyinli
 
Sharpening revenue assurance_july 2015
Sharpening revenue assurance_july 2015Sharpening revenue assurance_july 2015
Sharpening revenue assurance_july 2015
Silas Musakali
 
Thesis
ThesisThesis
Thesis
IUI
 
Full Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Full Cybersecurity Regulations Overview for DoD Prime and SubcontractorsFull Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Full Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Ignyte Assurance Platform
 
Webinar - CMMC Certification.pptx
Webinar - CMMC Certification.pptxWebinar - CMMC Certification.pptx
Webinar - CMMC Certification.pptx
ControlCase
 
Structure of the US CMA Exam
Structure of the US CMA ExamStructure of the US CMA Exam
Structure of the US CMA Exam
chinuroula
 
super affiliate generating Big commissions with onlinecasino affiliate programs
super affiliate generating Big commissions with onlinecasino affiliate programs super affiliate generating Big commissions with onlinecasino affiliate programs
super affiliate generating Big commissions with onlinecasino affiliate programs
troyjefferson3
 
CIF Self Certification MSP Oct15
CIF Self Certification MSP Oct15CIF Self Certification MSP Oct15
CIF Self Certification MSP Oct15
Jason Wyatt
 
Is Your Audit Department Highly Effective?
Is Your Audit Department Highly Effective?Is Your Audit Department Highly Effective?
Is Your Audit Department Highly Effective?
Jim Kaplan CIA CFE
 
A Clear Path to NIST & CMMC Compliance - 2023 Cleveland Security Summit.pdf
A Clear Path to NIST & CMMC Compliance - 2023 Cleveland Security Summit.pdfA Clear Path to NIST & CMMC Compliance - 2023 Cleveland Security Summit.pdf
A Clear Path to NIST & CMMC Compliance - 2023 Cleveland Security Summit.pdf
Jack Nichelson
 
Total FBO User Conference
Total FBO User ConferenceTotal FBO User Conference
Total FBO User Conference
Branden Williams
 
Top 9 Certifications
Top 9 CertificationsTop 9 Certifications
Top 9 Certifications
Alexandre Pallota
 
CMMC Certification
CMMC CertificationCMMC Certification
CMMC Certification
ControlCase
 
Around the World in 100 Days a Global Deployment Case Study
Around the World in 100 Days a Global Deployment Case StudyAround the World in 100 Days a Global Deployment Case Study
Around the World in 100 Days a Global Deployment Case Study
dreamforce2006
 
Capm Free Seminar Presentation
Capm Free Seminar PresentationCapm Free Seminar Presentation
Capm Free Seminar Presentation
Ravindra Kamthe
 
1. five habits of highly successful clouds
1. five habits of highly successful clouds1. five habits of highly successful clouds
1. five habits of highly successful clouds
EuroCloud
 
2022 Rea & Associates' Cybersecurity Conference
2022 Rea & Associates' Cybersecurity Conference 2022 Rea & Associates' Cybersecurity Conference
2022 Rea & Associates' Cybersecurity Conference
Rea & Associates
 
Rea & Associates' Manufacturing Day 2022
Rea & Associates' Manufacturing Day 2022Rea & Associates' Manufacturing Day 2022
Rea & Associates' Manufacturing Day 2022
Rea & Associates
 

Contenu connexe

Similaire à EPISODE 1 | Security Wars: A New Goal: CMMC Compliance & Department of Defense Data Protection Guide

Description of Methodology
Description of MethodologyDescription of Methodology
Description of Methodology
David Facter
 
Cloud credential council presentation
Cloud credential council presentationCloud credential council presentation
Cloud credential council presentation
shuangyinli
 
Sharpening revenue assurance_july 2015
Sharpening revenue assurance_july 2015Sharpening revenue assurance_july 2015
Sharpening revenue assurance_july 2015
Silas Musakali
 
Thesis
ThesisThesis
Thesis
IUI
 
Full Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Full Cybersecurity Regulations Overview for DoD Prime and SubcontractorsFull Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Full Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Ignyte Assurance Platform
 
CIF Self Certification MSP Oct15
CIF Self Certification MSP Oct15CIF Self Certification MSP Oct15
CIF Self Certification MSP Oct15
Jason Wyatt
 
Is Your Audit Department Highly Effective?
Is Your Audit Department Highly Effective?Is Your Audit Department Highly Effective?
Is Your Audit Department Highly Effective?
Jim Kaplan CIA CFE
 
A Clear Path to NIST & CMMC Compliance - 2023 Cleveland Security Summit.pdf
A Clear Path to NIST & CMMC Compliance - 2023 Cleveland Security Summit.pdfA Clear Path to NIST & CMMC Compliance - 2023 Cleveland Security Summit.pdf
A Clear Path to NIST & CMMC Compliance - 2023 Cleveland Security Summit.pdf
Jack Nichelson
 
Around the World in 100 Days a Global Deployment Case Study
Around the World in 100 Days a Global Deployment Case StudyAround the World in 100 Days a Global Deployment Case Study
Around the World in 100 Days a Global Deployment Case Study
dreamforce2006
 
Capm Free Seminar Presentation
Capm Free Seminar PresentationCapm Free Seminar Presentation
Capm Free Seminar Presentation
Ravindra Kamthe
 
1. five habits of highly successful clouds
1. five habits of highly successful clouds1. five habits of highly successful clouds
1. five habits of highly successful clouds
EuroCloud
 

Similaire à EPISODE 1 | Security Wars: A New Goal: CMMC Compliance & Department of Defense Data Protection Guide (20)

Problem And Purpose Of A Project
Problem And Purpose Of A ProjectProblem And Purpose Of A Project
Problem And Purpose Of A Project
 
What's the Difference between GRC and Combined Assurance?
What's the Difference between GRC and Combined Assurance?What's the Difference between GRC and Combined Assurance?
What's the Difference between GRC and Combined Assurance?
 
Description of Methodology
Description of MethodologyDescription of Methodology
Description of Methodology
 
Overview of CMMI
Overview of CMMI Overview of CMMI
Overview of CMMI
 
Cloud credential council presentation
Cloud credential council presentationCloud credential council presentation
Cloud credential council presentation
 
Sharpening revenue assurance_july 2015
Sharpening revenue assurance_july 2015Sharpening revenue assurance_july 2015
Sharpening revenue assurance_july 2015
 
Thesis
ThesisThesis
Thesis
 
Full Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Full Cybersecurity Regulations Overview for DoD Prime and SubcontractorsFull Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Full Cybersecurity Regulations Overview for DoD Prime and Subcontractors
 
Webinar - CMMC Certification.pptx
Webinar - CMMC Certification.pptxWebinar - CMMC Certification.pptx
Webinar - CMMC Certification.pptx
 
Structure of the US CMA Exam
Structure of the US CMA ExamStructure of the US CMA Exam
Structure of the US CMA Exam
 
super affiliate generating Big commissions with onlinecasino affiliate programs
super affiliate generating Big commissions with onlinecasino affiliate programs super affiliate generating Big commissions with onlinecasino affiliate programs
super affiliate generating Big commissions with onlinecasino affiliate programs
 
CIF Self Certification MSP Oct15
CIF Self Certification MSP Oct15CIF Self Certification MSP Oct15
CIF Self Certification MSP Oct15
 
Is Your Audit Department Highly Effective?
Is Your Audit Department Highly Effective?Is Your Audit Department Highly Effective?
Is Your Audit Department Highly Effective?
 
A Clear Path to NIST & CMMC Compliance - 2023 Cleveland Security Summit.pdf
A Clear Path to NIST & CMMC Compliance - 2023 Cleveland Security Summit.pdfA Clear Path to NIST & CMMC Compliance - 2023 Cleveland Security Summit.pdf
A Clear Path to NIST & CMMC Compliance - 2023 Cleveland Security Summit.pdf
 
Total FBO User Conference
Total FBO User ConferenceTotal FBO User Conference
Total FBO User Conference
 
Top 9 Certifications
Top 9 CertificationsTop 9 Certifications
Top 9 Certifications
 
CMMC Certification
CMMC CertificationCMMC Certification
CMMC Certification
 
Around the World in 100 Days a Global Deployment Case Study
Around the World in 100 Days a Global Deployment Case StudyAround the World in 100 Days a Global Deployment Case Study
Around the World in 100 Days a Global Deployment Case Study
 
Capm Free Seminar Presentation
Capm Free Seminar PresentationCapm Free Seminar Presentation
Capm Free Seminar Presentation
 
1. five habits of highly successful clouds
1. five habits of highly successful clouds1. five habits of highly successful clouds
1. five habits of highly successful clouds
 

Plus de Rea & Associates

[ON-DEMAND WEBINAR] COVID 2.0 | Tips To Address New Cases, Mask Mandates, & V...
[ON-DEMAND WEBINAR] COVID 2.0 | Tips To Address New Cases, Mask Mandates, & V...[ON-DEMAND WEBINAR] COVID 2.0 | Tips To Address New Cases, Mask Mandates, & V...
[ON-DEMAND WEBINAR] COVID 2.0 | Tips To Address New Cases, Mask Mandates, & V...
Rea & Associates
 
[ON-DEMAND WEBINAR] Revealing The State & Local Tax Considerations Of A Remot...
[ON-DEMAND WEBINAR] Revealing The State & Local Tax Considerations Of A Remot...[ON-DEMAND WEBINAR] Revealing The State & Local Tax Considerations Of A Remot...
[ON-DEMAND WEBINAR] Revealing The State & Local Tax Considerations Of A Remot...
Rea & Associates
 
[ON-DEMAND WEBINAR] How To Hire More Employees & Keep Them Happy: Tips To Att...
[ON-DEMAND WEBINAR] How To Hire More Employees & Keep Them Happy: Tips To Att...[ON-DEMAND WEBINAR] How To Hire More Employees & Keep Them Happy: Tips To Att...
[ON-DEMAND WEBINAR] How To Hire More Employees & Keep Them Happy: Tips To Att...
Rea & Associates
 
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
Rea & Associates
 
[ON-DEMAND WEBINAR] CPA Pros Prepare For The 2020 Medicaid School Program (MSP)
[ON-DEMAND WEBINAR] CPA Pros Prepare For The 2020 Medicaid School Program (MSP)[ON-DEMAND WEBINAR] CPA Pros Prepare For The 2020 Medicaid School Program (MSP)
[ON-DEMAND WEBINAR] CPA Pros Prepare For The 2020 Medicaid School Program (MSP)
Rea & Associates
 
[ON-DEMAND RECORDING] Deep Impact: Is Your Manufacturing Company On A Collisi...
[ON-DEMAND RECORDING] Deep Impact: Is Your Manufacturing Company On A Collisi...[ON-DEMAND RECORDING] Deep Impact: Is Your Manufacturing Company On A Collisi...
[ON-DEMAND RECORDING] Deep Impact: Is Your Manufacturing Company On A Collisi...
Rea & Associates
 
[ON-DEMAND WEBINAR] Construction Companies: Manage Cyber Risk Exposure & Prev...
[ON-DEMAND WEBINAR] Construction Companies: Manage Cyber Risk Exposure & Prev...[ON-DEMAND WEBINAR] Construction Companies: Manage Cyber Risk Exposure & Prev...
[ON-DEMAND WEBINAR] Construction Companies: Manage Cyber Risk Exposure & Prev...
Rea & Associates
 
[ON-DEMAND WEBINAR] Covid Vaccine & HIPAA: Can Employers To Receive The COVID...
[ON-DEMAND WEBINAR] Covid Vaccine & HIPAA: Can Employers To Receive The COVID...[ON-DEMAND WEBINAR] Covid Vaccine & HIPAA: Can Employers To Receive The COVID...
[ON-DEMAND WEBINAR] Covid Vaccine & HIPAA: Can Employers To Receive The COVID...
Rea & Associates
 
[ON-DEMAND RECORDING] Managing Remote Employees, HR Policies, Sales Tax, & Ot...
[ON-DEMAND RECORDING] Managing Remote Employees, HR Policies, Sales Tax, & Ot...[ON-DEMAND RECORDING] Managing Remote Employees, HR Policies, Sales Tax, & Ot...
[ON-DEMAND RECORDING] Managing Remote Employees, HR Policies, Sales Tax, & Ot...
Rea & Associates
 
[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...
[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...
[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...
Rea & Associates
 
[ON-DEMAND WEBINAR] Third Annual Construction Industry Kickoff | Rea & Associ...
[ON-DEMAND WEBINAR] Third Annual Construction Industry Kickoff | Rea & Associ...[ON-DEMAND WEBINAR] Third Annual Construction Industry Kickoff | Rea & Associ...
[ON-DEMAND WEBINAR] Third Annual Construction Industry Kickoff | Rea & Associ...
Rea & Associates
 
[ON-DEMAND WEBINAR] New Year, New COVID 19 Vaccine, New Unemployment Rules, N...
[ON-DEMAND WEBINAR] New Year, New COVID 19 Vaccine, New Unemployment Rules, N...[ON-DEMAND WEBINAR] New Year, New COVID 19 Vaccine, New Unemployment Rules, N...
[ON-DEMAND WEBINAR] New Year, New COVID 19 Vaccine, New Unemployment Rules, N...
Rea & Associates
 
[ON-DEMAND WEBINAR] Next Steps In COVID 19 Protocols & Compliance
[ON-DEMAND WEBINAR] Next Steps In COVID 19 Protocols & Compliance[ON-DEMAND WEBINAR] Next Steps In COVID 19 Protocols & Compliance
[ON-DEMAND WEBINAR] Next Steps In COVID 19 Protocols & Compliance
Rea & Associates
 
[ON-DEMAND WEBINAR] Social Security v. Medicare: Addressing Your Most Asked Q...
[ON-DEMAND WEBINAR] Social Security v. Medicare: Addressing Your Most Asked Q...[ON-DEMAND WEBINAR] Social Security v. Medicare: Addressing Your Most Asked Q...
[ON-DEMAND WEBINAR] Social Security v. Medicare: Addressing Your Most Asked Q...
Rea & Associates
 

Plus de Rea & Associates (20)

2022 Rea & Associates' Cybersecurity Conference
2022 Rea & Associates' Cybersecurity Conference 2022 Rea & Associates' Cybersecurity Conference
2022 Rea & Associates' Cybersecurity Conference
 
Rea & Associates' Manufacturing Day 2022
Rea & Associates' Manufacturing Day 2022Rea & Associates' Manufacturing Day 2022
Rea & Associates' Manufacturing Day 2022
 
Rea & Associates - 4th Annual Construction Kickoff
Rea & Associates - 4th Annual Construction KickoffRea & Associates - 4th Annual Construction Kickoff
Rea & Associates - 4th Annual Construction Kickoff
 
Rea Manufacturing Day 2021
Rea Manufacturing Day 2021Rea Manufacturing Day 2021
Rea Manufacturing Day 2021
 
HR Compliance & Insurance Benefit Perspectives: What Employers Should Be Awar...
HR Compliance & Insurance Benefit Perspectives: What Employers Should Be Awar...HR Compliance & Insurance Benefit Perspectives: What Employers Should Be Awar...
HR Compliance & Insurance Benefit Perspectives: What Employers Should Be Awar...
 
LIVE EVENT - 3rd Annual Fall Construction Risk Update - September 30
LIVE EVENT - 3rd Annual Fall Construction Risk Update - September 30LIVE EVENT - 3rd Annual Fall Construction Risk Update - September 30
LIVE EVENT - 3rd Annual Fall Construction Risk Update - September 30
 
[ON-DEMAND WEBINAR] COVID 2.0 | Tips To Address New Cases, Mask Mandates, & V...
[ON-DEMAND WEBINAR] COVID 2.0 | Tips To Address New Cases, Mask Mandates, & V...[ON-DEMAND WEBINAR] COVID 2.0 | Tips To Address New Cases, Mask Mandates, & V...
[ON-DEMAND WEBINAR] COVID 2.0 | Tips To Address New Cases, Mask Mandates, & V...
 
[ON-DEMAND WEBINAR] Revealing The State & Local Tax Considerations Of A Remot...
[ON-DEMAND WEBINAR] Revealing The State & Local Tax Considerations Of A Remot...[ON-DEMAND WEBINAR] Revealing The State & Local Tax Considerations Of A Remot...
[ON-DEMAND WEBINAR] Revealing The State & Local Tax Considerations Of A Remot...
 
[ON-DEMAND WEBINAR] How To Hire More Employees & Keep Them Happy: Tips To Att...
[ON-DEMAND WEBINAR] How To Hire More Employees & Keep Them Happy: Tips To Att...[ON-DEMAND WEBINAR] How To Hire More Employees & Keep Them Happy: Tips To Att...
[ON-DEMAND WEBINAR] How To Hire More Employees & Keep Them Happy: Tips To Att...
 
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
[ON-DEMAND WEBINAR] Managed Service Providers vs Managed Security Service Pro...
 
[ON-DEMAND WEBINAR] CPA Pros Prepare For The 2020 Medicaid School Program (MSP)
[ON-DEMAND WEBINAR] CPA Pros Prepare For The 2020 Medicaid School Program (MSP)[ON-DEMAND WEBINAR] CPA Pros Prepare For The 2020 Medicaid School Program (MSP)
[ON-DEMAND WEBINAR] CPA Pros Prepare For The 2020 Medicaid School Program (MSP)
 
[ON-DEMAND RECORDING] Deep Impact: Is Your Manufacturing Company On A Collisi...
[ON-DEMAND RECORDING] Deep Impact: Is Your Manufacturing Company On A Collisi...[ON-DEMAND RECORDING] Deep Impact: Is Your Manufacturing Company On A Collisi...
[ON-DEMAND RECORDING] Deep Impact: Is Your Manufacturing Company On A Collisi...
 
[ON-DEMAND WEBINAR] Construction Companies: Manage Cyber Risk Exposure & Prev...
[ON-DEMAND WEBINAR] Construction Companies: Manage Cyber Risk Exposure & Prev...[ON-DEMAND WEBINAR] Construction Companies: Manage Cyber Risk Exposure & Prev...
[ON-DEMAND WEBINAR] Construction Companies: Manage Cyber Risk Exposure & Prev...
 
[ON-DEMAND WEBINAR] Covid Vaccine & HIPAA: Can Employers To Receive The COVID...
[ON-DEMAND WEBINAR] Covid Vaccine & HIPAA: Can Employers To Receive The COVID...[ON-DEMAND WEBINAR] Covid Vaccine & HIPAA: Can Employers To Receive The COVID...
[ON-DEMAND WEBINAR] Covid Vaccine & HIPAA: Can Employers To Receive The COVID...
 
[ON-DEMAND RECORDING] Managing Remote Employees, HR Policies, Sales Tax, & Ot...
[ON-DEMAND RECORDING] Managing Remote Employees, HR Policies, Sales Tax, & Ot...[ON-DEMAND RECORDING] Managing Remote Employees, HR Policies, Sales Tax, & Ot...
[ON-DEMAND RECORDING] Managing Remote Employees, HR Policies, Sales Tax, & Ot...
 
[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...
[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...
[ON-DEMAND WEBINAR] Understanding SOC2: A SOC 2 Guide for Managed Service Pro...
 
[ON-DEMAND WEBINAR] Third Annual Construction Industry Kickoff | Rea & Associ...
[ON-DEMAND WEBINAR] Third Annual Construction Industry Kickoff | Rea & Associ...[ON-DEMAND WEBINAR] Third Annual Construction Industry Kickoff | Rea & Associ...
[ON-DEMAND WEBINAR] Third Annual Construction Industry Kickoff | Rea & Associ...
 
[ON-DEMAND WEBINAR] New Year, New COVID 19 Vaccine, New Unemployment Rules, N...
[ON-DEMAND WEBINAR] New Year, New COVID 19 Vaccine, New Unemployment Rules, N...[ON-DEMAND WEBINAR] New Year, New COVID 19 Vaccine, New Unemployment Rules, N...
[ON-DEMAND WEBINAR] New Year, New COVID 19 Vaccine, New Unemployment Rules, N...
 
[ON-DEMAND WEBINAR] Next Steps In COVID 19 Protocols & Compliance
[ON-DEMAND WEBINAR] Next Steps In COVID 19 Protocols & Compliance[ON-DEMAND WEBINAR] Next Steps In COVID 19 Protocols & Compliance
[ON-DEMAND WEBINAR] Next Steps In COVID 19 Protocols & Compliance
 
[ON-DEMAND WEBINAR] Social Security v. Medicare: Addressing Your Most Asked Q...
[ON-DEMAND WEBINAR] Social Security v. Medicare: Addressing Your Most Asked Q...[ON-DEMAND WEBINAR] Social Security v. Medicare: Addressing Your Most Asked Q...
[ON-DEMAND WEBINAR] Social Security v. Medicare: Addressing Your Most Asked Q...
 

Dernier

Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
amitlee9823
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
daisycvs
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
amitlee9823
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Dipal Arora
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
dlhescort
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
dollysharma2066
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Dipal Arora
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
Workforce Group
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
uneakwhite
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
Abortion pills in Kuwait Cytotec pills in Kuwait
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
Renandantas16
 

Dernier (20)

Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANA DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMAN
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
 
Phases of negotiation .pptx
Phases of negotiation .pptx Phases of negotiation .pptx
Phases of negotiation .pptx
 
RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors Data
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Century
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
 
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLMONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
 
John Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdfJohn Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdf
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
 

EPISODE 1 | Security Wars: A New Goal: CMMC Compliance & Department of Defense Data Protection Guide

  • 1.
  • 2. Introducing... Ty Whittenburg Sr. Information Assurance Manager Rea & Associates As a Senior Information Assurance Manager and CMMC- Registered Practitioner on Rea’s Cybersecurity team, Ty can be found ensuring organizations technology and networks drive business objectives by identifying potential loss events, reducing their frequency, and loss magnitude. With more than 10 years of industry experience, he is involved with the Central Ohio ISSA, the Greater Ohio FAIR chapter, the Ohio River Valley Cloud Security Alliance, and InfraGard Columbus.
  • 3. J.P. Cervo Regional Sales Manager Etactics Introducing... Since receiving a B.A. in English from Kent State University, J.P . has accumulated over 10 years of project management and sales experience within the healthcare space. Currently, he is a regional sales manager for Etactics, Inc. and has lead multiple product development efforts including Etactics’ K2 Compliance™ cloud-based governance, risk, and compliance management solution.
  • 4. J.P. Cervo Regional Sales Manager Etactics Introducing... Since receiving a B.A. in English from Kent State University, J.P . has accumulated over 10 years of project management and sales experience within the healthcare space. Currently, he is a regional sales manager for Etactics, Inc. and has lead multiple product development efforts including Etactics’ K2 Compliance™ cloud-based governance, risk, and compliance management solution. R E C A S T
  • 5. Matt Moneypenny Senior Marketing & Sales Analyst Etactics Introducing... Matt Moneypenny is the lead Marketing and Sales Analyst at Etactics, a revenue cycle technology company located in Northeast Ohio. Previously, he served as the Senior Content Strategist at an online news source for Amazon’s Twitch Interactive, for three years while attending The University of Akron in pursuit of a Bachelor’s of Business Administration in Marketing Management.
  • 6. Poll Time! Q: What do you expect to get out of this webinar?
  • 7. Understanding CMMC If you look at the DOD’s website that explains CMMC...
  • 8. CMMC In a Nutshell ● Officially published on January 31, 2020 ● It’s a new, unified certification process that provides assurance to the DOD that a required entity is equipped to protect unclassified information, including any data that transfers between its vendors and partners.
  • 9. Who’s Affected by CMMC? ● Over 300,000 DoD suppliers who deal with Controlled Unclassified Information (CUI) must obtain a certification Small Subcontractors Big Prime
  • 10. CMMC Important Dates January 2020 DoD introduces Version 1.0 of the CMMC June 2020 Opens registration for C3PAOs and third-party assessors July 2020 DoD to creates and publishes a CMMC training September 2020 Implement CMMC into the DFARS regulation November 2020 Incorporate requirements in Requests for Proposals 2021 - 2026 Implementation of the CMMC through a phased rollout 2026 CMMC certification becomes a requirement
  • 11. Don’t Delay All new DoD contracts will contain CMMC requirement starting in FY2026
  • 12. Poll Time! Q: Have you begun preparation for CMMC?
  • 14.
  • 15. Step 1 Identify desired maturity level you want to be audited for and complete a self-assessment
  • 16.
  • 17. Step 2 Start drafting a budget for CMMC compliance to include costs for enhancing security requirements, updating policies, leveraging applications, contracting a Registered Provider Organization , and any additional
  • 18.
  • 19. Step 3 Configure your existing security environment to align to: ● FAR 50. 204-21 ● DFARS 252.204-7012 ● NIST 800-171 Contractors that implement all controls should be able to achieve CMMC Level 3
  • 20.
  • 21. Step 4 Build a Plan of Action & Milestones (POA&M) to ensure compliance will be achieved in a defined time period.
  • 22.
  • 23. Step 5 Find an available RPO or C3PAO who will schedule the assessment with the certified independent assessor
  • 24.
  • 25. Step 6 “6 month waiting period between application and certification” Culture takes time
  • 27. CMMC Levels of Maturity 1 2 3 4 5
  • 28. CMMC Levels of Maturity DoD contractors who wish to pass an audit at this level must implement 17 practices of FAR 52.204-21 Level 1 Demonstrates “Basic Cyber Hygiene”
  • 29. CMMC Levels of Maturity 1 2 3 4 5
  • 30. CMMC Levels of Maturity Here, DoD contractors must implement another 55 practices (72 total). Complying w/ FAR & including a select subset of 48 practices from NIST 800-171 rev1 plus seven new practices to support intermediate cyber hygiene. Level 2 Demonstrates “Intermediate Cyber Hygiene”
  • 31. CMMC Levels of Maturity 1 2 3 4 5
  • 32. CMMC Levels of Maturity To achieve level 3 certification, the final 58 practices of NIST 800-171 Rev1 plus 20 additional practices to support good cyber hygiene. Level 3 Demonstrates “Good Cyber Hygiene”
  • 33. CMMC Levels of Maturity 1 2 3 4 5
  • 34. CMMC Levels of Maturity In addition to the controls in levels 1 through 3, 11 more controls of NIST 800-171 Rev1 plus 22 new practices must be implemented. Level 4 Demonstrates “Proactive Cybersecurity”
  • 35. CMMC Levels of Maturity 1 2 3 4 5
  • 36. CMMC Levels of Maturity To achieve this highest level, DoD contractors must implement the final fifteen practices Level 5 Demonstrates “Advanced Cybersecurity”
  • 37. Poll Time! Q: What Maturity level do you need to achieve?