CMMC Program and the DIB Preparation, Part 1 – Doug Landoll – SCW #75
Doing business with the Federal government has always had its share of requirements and regulations, especially when it comes to storing, processing, or transmitting any sensitive data. In fact, organizations doing business with the Federal government involving sensitive data are well acquainted with the cybersecurity controls they must implement based on controls from well-known frameworks such as the National Institute of Standards and Technology (NIST) Special Publication 800-53 (NIST SP 800-53) and NIST SP 800-171. However, in the last several years these controls (and the method by which organizations must demonstrate compliance) have drastically changed, culminating in the Cybersecurity Maturity Model Certification (CMMC) Framework.
Segment Resources:
Official DoD Acquisition Site for CMMC Program Info: https://www.acq.osd.mil/cmmc/
Official Site of the CMMC Program: https://cmmcab.org/
Official NIST Site for publications such as 800-53, 800-171: https://csrc.nist.gov/publications
Announcements
Security Weekly is more than happy to announce that we will be at InfoSec World 2021 IN PERSON October 25th-27th, 2021! This year, our annual partnership with InfoSec World is extra special, as we are both business units under the CyberRisk Alliance brand! What does that mean for Security Weekly listeners & InfoSec World attendees? You will get to see and hear from many of the Security Weekly team at the event AND you will save 20% off on your world pass! Visit https://securityweekly.com/isw2021 to register using our discount code!
Security Weekly is ecstatic to announce that Security Weekly Unlocked will be held IN PERSON this December 5-8 at the Hilton Lake Buena Vista! Call for presentations & early registration for Security Weekly listeners is open now! Visit securityweekly.com/unlocked to submit your presentation & register for the early registration price before it expires!
Guest
Douglas J. Landoll (CISSP, MBA, ISSA Distinguished Fellow) is a recognized leader in cybersecurity with over 34 years of experience in evaluating cybersecurity controls and system assessments for top corporations and government agencies. He is the author of numerous cybersecurity publications, including The Security Risk Assessment Handbook; Information Security Policies, Procedures, and Standards; and The Physical Security Field Guide. His cybersecurity publications are used as textbooks in university cybersecurity programs and as reference books for cybersecurity professionals.