Sign up to save your podcasts
Or
Share CMMC, NIST, CUI, & DFARS News and Analysis for October 2022
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
CMMC, NIST, CUI, & DFARS News and Analysis for October 2022
In this episode Jacob and Jason dive into the October 2022 Cyber AB Town Hall by exploring the questions (both answered and unanswered) submitted during the town hall Q&A segment. Jason provides his thoughts on the quality of the updated Registered Practitioner training. Time is spent on Rumor Control: Large prime contractors are seemingly requiring everyone to get #CMMC Level 2 certified and there's not much that #DoD can do to stop them. Jacob discusses the specter of #NIST SP #800-171 Appendix E and why they remain a thorn in everyone's sides. Other questions addressed: Are the rumors of Congressional funding for CMMC actually true? Is DoD actually bad at communicating? Why is it so hard to know how many requirements correspond to CMMC Level 1? The show wraps up with a brief discussion of NIST SP 800-172 and the newly released #CISA Cross-Sector Cybersecurity Performance Goals.
Episode Links:
Cyber AB Town Hall: https://cyberab.org/News-Events/Town-halls
CMMC Level 3 Likelihood: https://www.linkedin.com/posts/jacob-evan-horne_cmmc-cybersecurity-govcon-activity-6978019292143394816-0OGI?utm_source=share&utm_medium=member_desktop
NFO Controls in CMMC: https://www.youtube.com/watch?v=9UyyONyOjJg
NIST SP 800-171 Comment summary: https://csrc.nist.gov/publications/detail/sp/800-171/rev-3/draft
CMMC Delta 20 rationale: https://insights.sei.cmu.edu/blog/beyond-nist-sp-800-171-20-additional-practices-cmmc/
The SA-9 Control: https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_0/home?element=SA-9
CMMC Documentation: https://www.acq.osd.mil/cmmc/documentation.html
DFARS Rulemaking on funding (2016): https://www.federalregister.gov/d/2016-25315/p-139
DoD Testimony on Communication and Industry Engagement: https://www.armed-services.senate.gov/hearings/cybersecurity-of-the-defense-industrial-base
OMB Rules Under Review: https://www.reginfo.gov/public/jsp/EO/eoDashboard.myjsp
7 Steps to CMMC: https://www.summit7.us/7-steps-to-cmmc
FAR 52.204-21: https://www.acquisition.gov/far/52.204-21
NIST SP 800-172: https://csrc.nist.gov/publications/detail/sp/800-172/final
DoD hopes Primes Don't Require Level 2: https://www.linkedin.com/posts/jacob-evan-horne_cmmc-cybersecurity-govcon-activity-6973293313240047617-YCGe?utm_source=share&utm_medium=member_desktop
Public/Private Partnership Overview: https://www.chathamhouse.org/sites/default/files/publications/ia/INTA92_1_03_Carr.pdf
CISA Cross-Sector Cyber Performance Goals: https://www.cisa.gov/cpg James Dempsey on Measurable Standards: https://www.lawfareblog.com/cybersecurity-regulation-its-not-performance-based-if-outcomes-cant-be-measured
View all episodes
By Summit 7
5
1313 ratings
In this episode Jacob and Jason dive into the October 2022 Cyber AB Town Hall by exploring the questions (both answered and unanswered) submitted during the town hall Q&A segment. Jason provides his thoughts on the quality of the updated Registered Practitioner training. Time is spent on Rumor Control: Large prime contractors are seemingly requiring everyone to get #CMMC Level 2 certified and there's not much that #DoD can do to stop them. Jacob discusses the specter of #NIST SP #800-171 Appendix E and why they remain a thorn in everyone's sides. Other questions addressed: Are the rumors of Congressional funding for CMMC actually true? Is DoD actually bad at communicating? Why is it so hard to know how many requirements correspond to CMMC Level 1? The show wraps up with a brief discussion of NIST SP 800-172 and the newly released #CISA Cross-Sector Cybersecurity Performance Goals.
Episode Links:
Cyber AB Town Hall: https://cyberab.org/News-Events/Town-halls
CMMC Level 3 Likelihood: https://www.linkedin.com/posts/jacob-evan-horne_cmmc-cybersecurity-govcon-activity-6978019292143394816-0OGI?utm_source=share&utm_medium=member_desktop
NFO Controls in CMMC: https://www.youtube.com/watch?v=9UyyONyOjJg
NIST SP 800-171 Comment summary: https://csrc.nist.gov/publications/detail/sp/800-171/rev-3/draft
CMMC Delta 20 rationale: https://insights.sei.cmu.edu/blog/beyond-nist-sp-800-171-20-additional-practices-cmmc/
The SA-9 Control: https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_0/home?element=SA-9
CMMC Documentation: https://www.acq.osd.mil/cmmc/documentation.html
DFARS Rulemaking on funding (2016): https://www.federalregister.gov/d/2016-25315/p-139
DoD Testimony on Communication and Industry Engagement: https://www.armed-services.senate.gov/hearings/cybersecurity-of-the-defense-industrial-base
OMB Rules Under Review: https://www.reginfo.gov/public/jsp/EO/eoDashboard.myjsp
7 Steps to CMMC: https://www.summit7.us/7-steps-to-cmmc
FAR 52.204-21: https://www.acquisition.gov/far/52.204-21
NIST SP 800-172: https://csrc.nist.gov/publications/detail/sp/800-172/final
DoD hopes Primes Don't Require Level 2: https://www.linkedin.com/posts/jacob-evan-horne_cmmc-cybersecurity-govcon-activity-6973293313240047617-YCGe?utm_source=share&utm_medium=member_desktop
Public/Private Partnership Overview: https://www.chathamhouse.org/sites/default/files/publications/ia/INTA92_1_03_Carr.pdf
CISA Cross-Sector Cyber Performance Goals: https://www.cisa.gov/cpg James Dempsey on Measurable Standards: https://www.lawfareblog.com/cybersecurity-regulation-its-not-performance-based-if-outcomes-cant-be-measured
More shows like Sum IT Up: CMMC News Roundup
View all
Fantasy Footballers - Fantasy Football Podcast
29,331 Listeners
Jocko Podcast
30,784 Listeners
REAL AF with Andy Frisella
32,752 Listeners
Security Now (Audio)
2,002 Listeners
CISO Series Podcast
188 Listeners
Defense in Depth
73 Listeners
My First Million
2,642 Listeners
Shawn Ryan Show
43,997 Listeners
Cyberspin
2 Listeners
New Heights with Jason & Travis Kelce
18,388 Listeners
GRC Academy
4 Listeners
Climbing Mount CMMC
2 Listeners
CMMC Compliance Guide
0 Listeners
That CMMC Show
2 Listeners
CUI Hotline: Live CMMC Q&A
0 Listeners