Sum IT Up: CMMC News Roundup
Sum IT Up: CMMC News Roundup
Episodes
Episodes of Sum IT Up
Mark All
DoD has officially released their parameters for NIST SP 800-171 revision 3 requirements. Defense contractors now have a clear picture of their future compliance requirements and what assessors will ask for under “CMMC 3.0”. But if SP 800-171r3
Most people mistaken believe that their cybersecurity requirements stem from the Cybersecurity Maturity Model Certification Program (CMMC). CMMC is simply a verification program that proves if you have implemented the requirements imposed by DF
After 100 episodes diving into every possible rabbit hole to help illuminate the bigger picture around CMMC we're starting over at square zero: the “DFARS Cyber Series” of contract clauses. First up: the solicitation provision 252.204-7008. Alt
The Department of Justice finally did it: they went after a small defense contractor for failure to comply with their contractually obligated cybersecurity requirements. This case has it all from fake SPRS scores to whistleblowers getting paid
The Cyber AB is back with their monthly Town Hall meeting which can only mean one thing; Joy is here to co-host the show, and we are gonna break down the information distributed during the meeting. The ecosystem is growing, CMMC is going intern
The Canadian Program for Cyber Security Certification (CPCSC) requires defense contractors to undergo assessment against NIST SP 800-171 revision 3. That's a big problem for contractors who also do work for the U.S. Department of Defense becaus
At long last we've come to the fourth and final episode covering every finding and allegation in the DoD Inspector General Report on the CMMC process for authorizing 3rd-party assessment organizations. So far none of the 10 findings come anywhe
We're almost done with our exploration of DoD Inspector General audit of the CMMC C3PAO authorization process. The last two recommendations might be the most perplexing of all. Maybe the Inspector General saved the best for last? Register fo
The Cyber AB is back with their monthly Town Hall meeting. This week we dive into “what's new” with the CMMC Program for the month of February covering things like: What do the ecosystem numbers look like right now? What's up with T3 suitabil
The DoD has released guidance to the contracting workforce that implements the 32 CFR CMMC final rule. This week we discuss the two big takeaways for defense contractors. 1) Level 2 self-assessments are unlikely for 99% of companies. 2) CMMC wa
This week we continue our exploration of DoD Inspector General audit of the CMMC C3PAO authorization process. The majority of the recommendations pertain to the Cyber AB, but are all of the recommendations even actionable? We think you'll be su
The DoD Inspector General's report on the C3PAO authorization process is out and people haven't been shy with their takes on the findings. This week we dive into the first set of recommendations to see if there really is a smoking gun. We think
The Cyber AB is back with their monthly Town Hall meeting. This week we dive into the current status of the CMMC Program, the last checklist item before official L2 certification announcements, and more. Register for CS2 Reston: https://cs2.
Regulatory “freeze memos” have been common practice for new presidential administrations since 2001. Some people believe the most recent freeze memo spells the end of CMMC. Those people are incorrect for an assortment of reasons that we dive in
Cybersecurity requirements for protecting controlled unclassified information (CUI) aren't just for defense contractors anymore. The FAR CUI rule will affect all federal contractors handling CUI (and even those who don't). This episode introduc
It's that time of year again where we stake our reputations on predicting the future of the CMMC regulatory landscape. What does our crystal ball say about the future hold for rulemaking, FedRAMP, and the CMMC ecosystem in general? Register f
A year ago we made seven predictions for the CMMC landscape. We got some right, we got a few mostly right, and we got a few “wrong”. Register for CS2 Reston with code SUMITUPRESTON: https://cs2.cloud/reston Pathfinder 101: https://www.sum
The Cyber AB has officially released the CMMC Assessment Process Guide. Now that the “CAP” is official, CMMC “false starts” are officially something that defense contractors need to be aware of. Register for CS2 | Reston with code SUMITUPRES
The CMMC Program has reached it “Birth” date and part of the celebration was the rellease ong the newly revised, effective, and in-force version of the CMMC Assessment Process (CAP, and the CMMC Code of Professional Conduct (CoPC). Jason and Jo
This week we're joined by Fenando Machado of Cybersec Investments, an authorized CMMC C3PAO. Fernando has been around the CMMC space for years and has helped a ton of companies successfully pass their Joint Surveillance Assessments. Fernando sh
What is the CMMC phased roll-out? How will the CMMC phased roll-out affect defense contractors and when? Most importantly: How should companies strategize based on the CMMC phased roll-out? We get into all of that and more this week. Pathfin
Who decides what CMMC status level is required in defense contracts? How do they decide? Q2 2025 is just around the corner and this week we dive into the decision factors that lead to CMMC status level requirements. Pathfinder 101: https://w
A Joint Resolution of Disapproval has been submitted to disapprove the 32 CFR CMMC final rule. Is this the end of CMMC as we know it? Or, as is usually the case, has the ecosystem jumped to conclusions and let their confirmation bias get the be
CMMC Pathfinder Tool | In 5 minutes or less, this free tool will give you a clear path from where you are now to CMMC confidence: https://www.summit7.us/pathfinder Start working on that beach body of evidence because all signs point to CMMC
CMMC Pathfinder Tool | In 5 minutes or less, this free tool will give you a clear path from where you are now to CMMC confidence: https://www.summit7.us/pathfinder As a result of the 32 CFR Final CMMC rule, many organizations will be looking
Unlock more with Podchaser Pro
- Audience Insights
- Contact Information
- Demographics
- Charts
- Sponsor History
- and More!
- Account
- Register
- Log In
- Find Friends
- Resources
- Help Center
- Blog
- API
Podchaser is the ultimate destination for podcast data, search, and discovery. Learn More
- © 2025 Podchaser, Inc.
- Privacy Policy
- Terms of Service
- Contact Us