CMMC

WT 360: A look inside GovCon's crystal ball for 2024

Stephanie Smith, RSM's GovCon guru and our first guest for 2024, lays out key themes and discussion points that are poised to shape the industry during this new year.

CMMC hot take: What stands out in the draft rule

This video conversation features Matt Travis, CEO of the Cyber AB, and Eric Crusius, partner with Holland & Knight, who give their first impressions on the draft CMMC rule and where things go from here.

Five things to remember about CMMC

The draft rule for how government contractors will protect their customers' information is long and defense as it was two years in the making, but here are five things to keep in mind in putting together your comments.

DOD plans four-phase roll out of CMMC

The Defense Department expects companies will need two years to be fully compliant with this new standard for protecting information on their systems.

UPDATE: CMMC's proposed rule is published

After much anticipation, the proposed new standard for the defense industrial base's overall cyber posture is available for download now.

SBOMs are a needed ingredient but not the full recipe for software supply chain security

Validating the integrity of IT supply chains is critical to cybersecurity and includes the supply chain feeding software development.

Small business challenges and earlier compliance lessons for CMMC

In a new set of video interviews, we explore the challenges unique to small businesses regarding CMMC and what updates to the underlying cybersecurity standard mean for compliance.

Waiting game continues for release of draft CMMC rule

It appears the White House budget office has finished its review of the new industry-wide cybersecurity standard ahead of the final unveiling.

Congress takes up software supply chain security

The FITARA scorecard could become a vehicle for measuring agency progress against the administration's software security goals.

What can you do now to prepare for CMMC?

In the first of a series of videos, we talk to informed observers about what contractors should be doing ahead of the release of the CMMC draft rule and how they should approach what promises to be a massive and complex document for this new cybersecurity standard.

A reader's guide to the upcoming draft CMMC rule

Market observers have advice on what to read and how to comment when the Defense Department releases its proposed cybersecurity rule for the industrial base.

Fingers crossed: DOD's CMMC lead anxious for November release

The proposed final rule for the defense industrial base's new cybersecurity standard could hit the street any day.

Demystifying the acronym soup of CMMC

To prepare for the Nov. 8 CMMC Ecosystem Summit, here is an acronym cheat sheet to follow along in the conversation about the defense industrial base's new cybersecurity standard.

Are you seeking CMMC certification? Here's what you need to know

Ola Sage leads one of the CMMC ecosystem's assessment organizations and gives the inside word here on how contractors should move to show they are meeting this new industry-wide cybersecurity standard.

New Pentagon cyber strategy emphasizes industry and global partnerships

A top Defense Department official described the private sector as “absolutely essential” in implementing the agency’s new cyber strategy.

Think you don't have to worry about supply chain resilience yet? Think again.

Across the analyst and policy community, there is a widespread belief that U.S. defense supply chains are not resilient enough and that raises fears of national security risks.

Security standard revisions should not delay CMMC prep work

Companies should be ready to comply before the eventual release of the Cybersecurity Maturity Model Certification for all firms in the defense industrial base.