This is an original article from Cre8tive Technology and Design.
Aerospace and Defense manufacturers are well aware of the certifications and audits they have to go through in order to operate. The Department of Defense is now starting to require the Cybersecurity Maturity Model Certification, or CMMC.
In this blog, we'll go over the basics of the CMMC, and why it is important to your company.
What is the CMMC Certification?
The CMMC is a new certification with the purpose of enhancing the cybersecurity of DoD contractors. Third party organizations conduct the audits and inform manufacturers of the risk that they have.
According the the Office of the Under Secretary of Defense for Acquisition & Sustainment website the CMMC builds on existing regulations like DFARS 252.204-7012 and AIA NAS9933, in order to protect the DoD and its partners from cyber attacks.
There are certification five levels that measure cybersecurity maturity that each include a process and practice that promote cybersecurity best practices. Depending on your company's involvement with sensitive data associated with your project, you will need to reach a certain level of CMMC.
Why is CMMC Certification Important?
If you have any desire to work with the Department of Defense, you need the CMMC. All companies that have a contract with the Department of Defense have to obtain the CMMC. Failure to do so will cost you lucrative opportunities with the military and other defense contractors.
If you have previous contracts before these guidelines start to take place around June 2020, you are able to complete work. However, you will want to start working towards obtaining the highest certification possible so you can continue your working relationship with the DoD.
Read the original.
IMEC is offering a 15-part CMMC Cybersecurity Training Series for Manufacturers will guide you through the process towards CMMC certification, verifying to the DoD that you have adequate cybersecurity controls and policies in place to meet DoD security standards.
Live, virtual training begins July 7, and will meet monthly through September 2022. This series will:
- Translate the Cybersecurity Maturity Model Certification (CMMC) framework into language that manufacturers – not cybersecurity experts – can understand. Recordings of monthly training will be available for all participants.
- Provide an up-to-date deep dive into each of the CMMC control families and domains
- Outline monthly action step for you to make ongoing progress toward CMMC compliance –while still operating your company
- Provide 1-on-1 monthly guidance to make regular progress on the CMMC requirements
- Save $100,000+ in consulting costs for an external provider to complete the process of demonstrating compliance with CMMC in policies, procedures and practices
