San Diego Chapter meeting on September 19, 2023
Meeting location: Sheppard Mullin Richter & Hampton LLP
12275 El Camino Real, Suite 100, San Diego, CA 92130-4092
Meeting Date: Tuesday, September 19
Meeting Time:
Networking & Refreshments, 4:30-5:30 PM:
Presentation: 5:30-6:30 p.m.
For DoD contractors and subcontractors, new cybersecurity requirements are coming. This Aerospace & Defense Forum presentation will cover the structure of the CMMC program and outline the general steps companies must take to prepare for these changes.
CMMC is the DoD’s new cybersecurity compliance program for all DoD contractors and their subcontractors. This will replace the old NIST 800-171 requirements, and for most companies it will require an external audit. There are new requirements included in the revised security baseline.
DFARS has always required DoD contractors and subcontractors to implement and adhere to the cybersecurity controls in NIST 800-171. The CMMC framework differentiates the requirements that must be met based on the risk the company poses to the DoD. There are also new reporting requirements, either self-attestation or an external audit.
Although the CMMC framework has been slow to materialize, finalization is close. Now is the time for DoD contractors and subcontractors to be assessing their readiness and preparing for these new requirements. To start, companies need to identify their CMMC Risk Level (1-3), which then defines the security requirements they must meet.
Risk Levels:
• Level 1 (Foundational) – companies that handle Federal Contract Information (FCI)
• Level 2 (Advanced) – companies that handle controlled unclassified information (CUI)
• Level 3 (Expert) – reducing risks of Advanced Persistent Threats (APTs)
Once organizations have identified their risk level, they must define and assess system scope against the appropriate risk level control requirements and prepare and implement a plan to get to compliance.
Please join us in San Diego on Tuesday, September 19, 2023 (4:30-5:30 PM: Networking & Refreshments, 5:30-6:30 PM: Presentation) when Christian Hansen, CISSP, CISA, Partner, Cybersecurity Consulting, Moss Adams, will cover the structure of the CMMC program and outline the general steps companies should take to get ready for these changes.
The meeting is free for members & $30 for non-members until September 12 ($40 thereafter). For more information and to register to attend the meeting go to http://adfsdsep23.eventbrite.com.
Information about joining The A&D Forum is at https://aerospacedefenseforum.org.
The San Diego chapter is sponsored by Moss Adams, Bank of America Merrill Lynch, LevitZacks, and hosted by Sheppard Mullin Richter & Hampton.
Leave a Reply